From d2df38144e5cddd76b708760a246895817459b21 Mon Sep 17 00:00:00 2001 From: David Redmin Date: Mon, 20 Dec 2021 16:20:30 -0500 Subject: [PATCH 01/12] Add template for README --- README.md.tpl | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 README.md.tpl diff --git a/README.md.tpl b/README.md.tpl new file mode 100644 index 0000000..4fec4c3 --- /dev/null +++ b/README.md.tpl @@ -0,0 +1,65 @@ +# CISA Log4j (CVE-2021-44228) Vulnerability Guidance # + +This repository provides +[CISA's guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance) +and an overview of related software regarding the Log4j vulnerability +(CVE-2021-44228). CISA encourages users and administrators to review the +[official Apache release](https://logging.apache.org/log4j/2.x/security.html) +and upgrade to Log4j 2.17.0 or apply the recommended mitigations immediately. + +The information in this repository is provided "as is" for informational +purposes only and is being assembled and updated by CISA through +collaboration with the broader cybersecurity community. Inquire with the +manufacturer or their respective online resources for the most up-to-date +information regarding any specific product listed. CISA does not endorse +any commercial product or service, including any subjects of analysis. +Any reference to specific commercial products, processes, or services by +service mark, trademark, manufacturer, or otherwise, does not constitute +or imply their endorsement, recommendation, or favoring by CISA. + +## Official CISA Guidance & Resources ## + +- [CISA Apache Log4j Vulnerability Guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance) +- [Emergency Directive 22-02 Mitigate Apache Log4j Vulnerability](https://www.cisa.gov/emergency-directive-22-02) +- [Statement from CISA Director Easterly on “Log4j” Vulnerability](https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability). + +## CISA Current Activity Alerts ## + +- [CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/17/cisa-issues-ed-22-02-directing-federal-agencies-mitigate-apache) +- [Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce) +- [CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/13/cisa-creates-webpage-apache-log4j-vulnerability-cve-2021-44228) + +National Vulnerability Database (NVD) Information: [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) + +## Mitigation Guidance ## + +CISA urges organizations operating products marked as "Fixed" to immediately +implement listed patches/mitigations [here](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance). + +CISA urges organizations operating products marked as "Not Fixed" to immediately +implement alternate controls, including: + +- Install a WAF with rules that automatically update. +- Set `log4j2.formatMsgNoLookups` to true by adding `-Dlog4j2.formatMsgNoLookups=True` + to the Java Virtual Machine command for starting your application. +- Ensure that any alerts from a vulnerable device are immediately actioned. +- Report incidents promptly to CISA and/or the FBI [here](https://www.cisa.gov/uscert/report). + +## Status Descriptions ## + +| Status | Description | +| ------ | ----------- | +| Unknown | Status unknown. Default choice. | +| Affected | Reported to be affected by CVE-2021-44228. | +| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. | +| Fixed | Patch and/or mitigations available (see provided links). | +| Under Investigation | Vendor investigating status. | + +## Software List ## + +This list was initially populated using information from the following sources: + +- Kevin Beaumont +- SwitHak + +{{software_markdown_table}} From 9e454c4df3cf2ca9f779c39ca9434de57b2c85bb Mon Sep 17 00:00:00 2001 From: David Redmin Date: Wed, 22 Dec 2021 09:35:08 -0500 Subject: [PATCH 02/12] Rename README.md.tpl to SOFTWARE-LIST.md.tpl and update contents accordingly --- README.md.tpl | 65 -------------------------------------------- SOFTWARE-LIST.md.tpl | 20 ++++++++++++++ 2 files changed, 20 insertions(+), 65 deletions(-) delete mode 100644 README.md.tpl create mode 100644 SOFTWARE-LIST.md.tpl diff --git a/README.md.tpl b/README.md.tpl deleted file mode 100644 index 4fec4c3..0000000 --- a/README.md.tpl +++ /dev/null @@ -1,65 +0,0 @@ -# CISA Log4j (CVE-2021-44228) Vulnerability Guidance # - -This repository provides -[CISA's guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance) -and an overview of related software regarding the Log4j vulnerability -(CVE-2021-44228). CISA encourages users and administrators to review the -[official Apache release](https://logging.apache.org/log4j/2.x/security.html) -and upgrade to Log4j 2.17.0 or apply the recommended mitigations immediately. - -The information in this repository is provided "as is" for informational -purposes only and is being assembled and updated by CISA through -collaboration with the broader cybersecurity community. Inquire with the -manufacturer or their respective online resources for the most up-to-date -information regarding any specific product listed. CISA does not endorse -any commercial product or service, including any subjects of analysis. -Any reference to specific commercial products, processes, or services by -service mark, trademark, manufacturer, or otherwise, does not constitute -or imply their endorsement, recommendation, or favoring by CISA. - -## Official CISA Guidance & Resources ## - -- [CISA Apache Log4j Vulnerability Guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance) -- [Emergency Directive 22-02 Mitigate Apache Log4j Vulnerability](https://www.cisa.gov/emergency-directive-22-02) -- [Statement from CISA Director Easterly on “Log4j” Vulnerability](https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability). - -## CISA Current Activity Alerts ## - -- [CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/17/cisa-issues-ed-22-02-directing-federal-agencies-mitigate-apache) -- [Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce) -- [CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/13/cisa-creates-webpage-apache-log4j-vulnerability-cve-2021-44228) - -National Vulnerability Database (NVD) Information: [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) - -## Mitigation Guidance ## - -CISA urges organizations operating products marked as "Fixed" to immediately -implement listed patches/mitigations [here](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance). - -CISA urges organizations operating products marked as "Not Fixed" to immediately -implement alternate controls, including: - -- Install a WAF with rules that automatically update. -- Set `log4j2.formatMsgNoLookups` to true by adding `-Dlog4j2.formatMsgNoLookups=True` - to the Java Virtual Machine command for starting your application. -- Ensure that any alerts from a vulnerable device are immediately actioned. -- Report incidents promptly to CISA and/or the FBI [here](https://www.cisa.gov/uscert/report). - -## Status Descriptions ## - -| Status | Description | -| ------ | ----------- | -| Unknown | Status unknown. Default choice. | -| Affected | Reported to be affected by CVE-2021-44228. | -| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. | -| Fixed | Patch and/or mitigations available (see provided links). | -| Under Investigation | Vendor investigating status. | - -## Software List ## - -This list was initially populated using information from the following sources: - -- Kevin Beaumont -- SwitHak - -{{software_markdown_table}} diff --git a/SOFTWARE-LIST.md.tpl b/SOFTWARE-LIST.md.tpl new file mode 100644 index 0000000..f25ffc9 --- /dev/null +++ b/SOFTWARE-LIST.md.tpl @@ -0,0 +1,20 @@ +# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List # + +## Status Descriptions ## + +| Status | Description | +| ------ | ----------- | +| Unknown | Status unknown. Default choice. | +| Affected | Reported to be affected by CVE-2021-44228. | +| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. | +| Fixed | Patch and/or mitigations available (see provided links). | +| Under Investigation | Vendor investigating status. | + +## Software List ## + +This list was initially populated using information from the following sources: + +- Kevin Beaumont +- SwitHak + +{{software_markdown_table}} From 5e8a7bd9a6f3d257fb2ca0c0bc2fcf2a4b564a91 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 22 Dec 2021 17:08:44 -0500 Subject: [PATCH 03/12] Make sure the template will get tested by linters Change the template's extension to `.md` to ensure that it is checked by the markdownlint hook (and any others). --- SOFTWARE-LIST.md.tpl => SOFTWARE-LIST.tpl.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename SOFTWARE-LIST.md.tpl => SOFTWARE-LIST.tpl.md (100%) diff --git a/SOFTWARE-LIST.md.tpl b/SOFTWARE-LIST.tpl.md similarity index 100% rename from SOFTWARE-LIST.md.tpl rename to SOFTWARE-LIST.tpl.md From f60b420cb5fbfcaecc0975dcf0b0cdc2300fb739 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 23 Dec 2021 13:11:20 -0500 Subject: [PATCH 04/12] Add GitHub Actions workflow to update software list Add a GitHub Actions workflow and related files to automatically update SOFTWARE-LIST.md when a push to the develop branch occurs. This leverages the cisagov/md-table-to-yaml Python library to perform the conversions. --- .github/workflows/update_software_list.yml | 102 ++++++++++++++++++ .yamllint | 3 + .../SOFTWARE-LIST.tpl.md | 0 config/requirements.txt | 1 + 4 files changed, 106 insertions(+) create mode 100644 .github/workflows/update_software_list.yml rename SOFTWARE-LIST.tpl.md => config/SOFTWARE-LIST.tpl.md (100%) create mode 100644 config/requirements.txt diff --git a/.github/workflows/update_software_list.yml b/.github/workflows/update_software_list.yml new file mode 100644 index 0000000..f329803 --- /dev/null +++ b/.github/workflows/update_software_list.yml @@ -0,0 +1,102 @@ +--- +name: Update the software list + +on: + push: + branches: + - develop + +env: + PIP_CACHE_DIR: ~/.cache/pip + WORKING_BRANCH_NAME: testing/update_software_list + +jobs: + setup: + runs-on: ubuntu-latest + outputs: + git_author: ${{ steps.git-config.outputs.author }} + git_email: ${{ steps.git-config.outputs.email }} + git_user: ${{ steps.git-config.outputs.user }} + steps: + - id: git-config + run: | + echo "::set-output name=author::$GIT_USER <$GIT_EMAIL>" + echo "::set-output name=email::$GIT_EMAIL" + echo "::set-output name=user::$GIT_USER" + env: + GIT_EMAIL: ${{ fromJson(secrets.GIT_AUTHOR_INFORMATION).user.email }} + GIT_USER: ${{ fromJson(secrets.GIT_AUTHOR_INFORMATION).user.name }} + generate_list_update: + runs-on: ubuntu-latest + needs: setup + outputs: + # If changes are detected then a commit will have been pushed + updated_list: ${{ steps.commit-for-testing.outputs.changes_detected }} + # Don't run if we're seeing an update push + if: github.actor != needs.setup.outputs.git_user + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.CISAGOVBOT_PAT }} + - id: setup-python + uses: actions/setup-python@v2 + with: + python-version: "3.10" + - uses: actions/cache@v2 + env: + BASE_CACHE_KEY: "${{ github.job }}-${{ runner.os }}-\ + py${{ steps.setup-python.outputs.python-version }}-" + with: + path: | + ${{ env.PIP_CACHE_DIR }} + key: "${{ env.BASE_CACHE_KEY }}\ + ${{ hashFiles('.github/workflows/update_software_list.yml') }}" + restore-keys: | + ${{ env.BASE_CACHE_KEY }} + - name: Update Python base packages + run: python -m pip install --upgrade pip setuptools wheel + - name: Install dependencies + run: pip install --upgrade --requirement config/requirements.txt + - name: Create the branch for test validation + run: git switch --create ${{ env.WORKING_BRANCH_NAME }} + - name: Generate a normalized YAML file + run: normalize-yml data/cisagov.yml > normalized.yml + - name: Generate a Markdown table from the normalized YAML file + run: yml2md normalized.yml > table_data.md + - name: Generate a new software list from the updated data + run: md-from-template config/SOFTWARE-LIST.tpl.md table_data.md > SOFTWARE-LIST.md + - id: commit-for-testing + uses: stefanzweifel/git-auto-commit-action@v4 + with: + branch: ${{ env.WORKING_BRANCH_NAME }} + commit_message: Update the software list + commit_user_name: ${{ needs.setup.outputs.git_user }} + commit_user_email: ${{ needs.setup.outputs.git_email }} + commit_author: ${{ needs.setup.outputs.git_author }} + file_pattern: SOFTWARE-LIST.md + merge_list_update: + runs-on: ubuntu-latest + needs: + - setup + - generate_list_update + if: needs.generate_list_update.outputs.updated_list == 'true' + steps: + - uses: actions/checkout@v2 + with: + token: ${{ secrets.CISAGOVBOT_PAT }} + - name: Configure git + run: | + git config user.name "${{ needs.setup.outputs.git_user }}" + git config user.email "${{ needs.setup.outputs.git_email }}" + - uses: lewagon/wait-on-check-action@v1.0.0 + with: + check-name: lint + ref: ${{ env.WORKING_BRANCH_NAME }} + repo-token: ${{ github.token }} + - name: Merge the testing branch + run: | + git fetch + git merge origin/${{ env.WORKING_BRANCH_NAME }} + git push + - name: Cleanup testing branch + run: git push -d origin ${{ env.WORKING_BRANCH_NAME }} diff --git a/.yamllint b/.yamllint index 7ed00eb..67b64cd 100644 --- a/.yamllint +++ b/.yamllint @@ -5,3 +5,6 @@ rules: # yamllint doesn't like when we use yes and no for true and false, # but that's pretty standard in Ansible. truthy: disable + + # Enforcing this rule would be complicated for auto-generated data right now. + line-length: disable diff --git a/SOFTWARE-LIST.tpl.md b/config/SOFTWARE-LIST.tpl.md similarity index 100% rename from SOFTWARE-LIST.tpl.md rename to config/SOFTWARE-LIST.tpl.md diff --git a/config/requirements.txt b/config/requirements.txt new file mode 100644 index 0000000..aaaced1 --- /dev/null +++ b/config/requirements.txt @@ -0,0 +1 @@ +https://api.github.com/repos/cisagov/md-table-to-yml/tarball/develop From 05bb8a82b7f1b2857af34c4fbec58df0900c1b7a Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 23 Dec 2021 13:25:23 -0500 Subject: [PATCH 05/12] Add initial cisagov data source This follows the expected YAML format, but there are no software records. --- data/cisagov.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 data/cisagov.yml diff --git a/data/cisagov.yml b/data/cisagov.yml new file mode 100644 index 0000000..be32d43 --- /dev/null +++ b/data/cisagov.yml @@ -0,0 +1,4 @@ +--- +version: '1.0' +software: [] +... From ec0c326e0141a5183bf758f1a69b93b7f8312edf Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 29 Dec 2021 15:25:02 -0500 Subject: [PATCH 06/12] Update software information Read the current contents of SOFTWARE-LIST.md and use them to populate cisagov.yml with useful data. This is necessary for the switch to using a YAML file (cisagov.yml) as the source of information in this repository. --- data/cisagov.yml | 85456 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 85455 insertions(+), 1 deletion(-) diff --git a/data/cisagov.yml b/data/cisagov.yml index be32d43..7a7cfc5 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -1,4 +1,85458 @@ --- version: '1.0' -software: [] +software: + - vendor: 1Password + product: All products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.1password.com/kb/202112/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: 2n + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.2n.com/cs_CZ/novinky/produkty-2n-neohrozuje-zranitelnost-cve-2021-44228-komponenty-log4j-2 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: 3CX + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.3cx.com/community/threads/log4j-vulnerability-cve-2021-44228.86436/#post-407911 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: 3M Health Information Systems + product: CGS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.3mhis.com/app/account/updates/ri/5210 + notes: This advisory is available to customer only and has not been reviewed by + CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: 7-Zip + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sourceforge.net/p/sevenzip/discussion/45797/thread/b977bbd4d1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: ABB + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://search.abb.com/library/Download.aspx?DocumentID=9ADB012621&LanguageCode=en&DocumentPartId=&Action=Launch + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: ABB + product: ABB Remote Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - ABB Remote Platform (RAP) + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: ABB + product: AlarmInsight Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - AlarmInsight KPI Dashboards 1.0.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: ABB + product: B&R Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - See Vendor Advisory + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Abbott + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.abbott.com/policies/cybersecurity/apache-Log4j.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Abnormal Security + product: Abnormal Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://abnormalsecurity.com/blog/attackers-use-email-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Accellence + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.accellence.de/en/articles/national-vulnerability-database-62 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Accellion + product: Kiteworks + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - v7.6 release + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/ + notes: '"As a precaution, Kiteworks released a 7.6.1 Hotfix software update to + address the vulnerability. This patch release adds the mitigation for CVE-2021-44228 + contained in the Solr package as recommended by Apache Solr group. Specifically, + it updates the Log4j library to a non-vulnerable version on CentOS 7 systems + as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true” + to disable the possible attack vector on both CentOS 6 and CentOS 7."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Acquia + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Acronis + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security-advisory.acronis.com/advisories/SEC-3859 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: ActiveState + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.activestate.com/blog/activestate-statement-java-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Adaptec + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://ask.adaptec.com/app/answers/detail/a_id/17523/kw/log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Addigy + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://addigy.com/blog/addigy-and-apaches-log4j2-cve-2021-44228-status/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Adeptia + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation- + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Adobe ColdFusion + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: ADP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AFAS Software + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.afas.nl/vraagantwoord/NL/SE/120439.htm + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANsuite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANServer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANcart + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANweb + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANmobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANupdate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Agilysys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Advanced Systems Concepts (formally Jscape) + product: Active MFT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.advsyscon.com/hc/en-us/articles/4413631831569 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Advanced Systems Concepts (formally Jscape) + product: MFT Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.advsyscon.com/hc/en-us/articles/4413631831569 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Advanced Systems Concepts (formally Jscape) + product: MFT Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.advsyscon.com/hc/en-us/articles/4413631831569 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Advanced Systems Concepts (formally Jscape) + product: MFT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.advsyscon.com/hc/en-us/articles/4413631831569 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Akamai + product: SIEM Splunk Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://splunkbase.splunk.com/app/4310/ + notes: v1.4.11 is the new recommendation for mitigation of log4j vulnerabilities + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Alcatel + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dokuwiki.alu4u.com/doku.php?id=log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Alertus + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Alexion + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://alexion.nl/blog/alexion-crm-niet-vatbaar-voor-log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Alfresco + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://hub.alfresco.com/t5/alfresco-content-services-blog/cve-2021-44228-related-to-apache-log4j-security-advisory/ba-p/310717 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AlienVault + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://success.alienvault.com/s/article/are-USM-Anywhere-or-USM-Central-vulnerable-to-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Alphatron Medical + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.alphatronmedical.com/home.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: Athena + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: AWS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Linux 1 + - '2' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: 'Notes: Amazon Linux 1 had aws apitools which were Java based but these + were deprecated in 2015 [AWS Forum](https://forums.aws.amazon.com/thread.jspa?threadID=323611). + AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2 + and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Amazon + product: AWS API Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Amazon + product: AWS CloudHSM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 3.4.1. + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: AWS Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: Vendors recommend evaluating components of the environment outside of the + Amazon Connect service boundary, which may require separate/additional customer + mitigation + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: Amazon + product: AWS Lambda + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: AWS DynamoDB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Amazon + product: AWS ElastiCache + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Amazon + product: AWS Inspector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Amazon + product: AWS RDS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified + in CVE-2021-44228 + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Amazon + product: AWS S3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Amazon + product: AWS SNS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: Amazon SNS systems that serve customer traffic are patched against the + Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate + separately from SNS’s systems that serve customer traffic + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Amazon + product: AWS SQS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Amazon + product: AWS EKS, ECS, Fargate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: To help mitigate the impact of the open-source Apache “Log4j2" utility + (CVE-2021-44228 and CVE-2021-45046) security issues on customers’ containers, + Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). + This hot-patch will require customer opt-in to use, and disables JNDI lookups + from the Log4J2 library in customers’ containers. These updates are available + as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes + users on AWS, and will be in supported AWS Fargate platform versions + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Amazon + product: AWS ELB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Amazon + product: AWS Kinesis Data Stream + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: We are actively patching all sub-systems that use Log4j2 by applying updates. + The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library + (KPL) are not impacted. For customers using KCL 1.x, we have released an updated + version and we strongly recommend that all KCL version 1.x customers upgrade + to KCL version 1.14.5 (or higher) + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Amazon + product: AWS Lambda + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: CloudFront + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: CloudWatch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: EC2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Amazon Linux 1 & 2 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Amazon + product: ELB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: KMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: OpenSearch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: RDS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: Route 53 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: S3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: Translate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/translate/ + notes: Service not identified on [AWS Log4j Security Bulletin](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Amazon + product: VPC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: AMD + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034 + notes: Currently, no AMD products have been identified as affected. AMD is continuing + its analysis. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Anaconda + product: Anaconda + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 4.10.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.conda.io/projects/conda/en/latest/index.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Apache + product: ActiveMQ Artemis + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://activemq.apache.org/news/cve-2021-44228 + notes: ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17 + is included in the Hawtio-based web console application archive (i.e. [web/console.war/WEB-INF/lib](web/console.war/WEB-INF/lib)). + Although this version of Log4j is not impacted by CVE-2021-44228 future versions + of Artemis will be updated so that the Log4j jar is no longer included in the + web console application archive. See [ARTEMIS-3612](https://issues.apache.org/jira/browse/ARTEMIS-3612) + for more information on that task. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Apache + product: Airflow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/apache/airflow/tree/main/airflow + notes: Airflow is written in Python + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Apache + product: Camel + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.14.1.3.11.5 + - 3.7.7 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://camel.apache.org/blog/2021/12/log4j2/ + notes: Apache Camel does not directly depend on Log4j 2, so we are not affected + by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own + applications, make sure to upgrade.Apache Camel does use log4j during testing + itself, and therefore you can find that we have been using log4j v2.13.3 release + in our latest LTS releases Camel 3.7.6, 3.11.4. + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Apache + product: Camel Quarkus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://camel.apache.org/blog/2021/12/log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Apache + product: Camel K + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://camel.apache.org/blog/2021/12/log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Apache + product: CamelKafka Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://camel.apache.org/blog/2021/12/log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Apache + product: Camel Karaf + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://camel.apache.org/blog/2021/12/log4j2/ + notes: The Karaf team is aware of this and are working on a new Karaf 4.3.4 release + with updated log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Apache + product: Camel JBang + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <=3.1.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://camel.apache.org/blog/2021/12/log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Apache + product: Camel 2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://camel.apache.org/blog/2021/12/log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Apache + product: Druid + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < druid 0.22.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/apache/druid/releases/tag/druid-0.22.1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Apache + product: Flink + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 1.14.2 + - 1.13.5 + - 1.12.7 + - 1.11.6 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://flink.apache.org/2021/12/10/log4j-cve.html + notes: 'To clarify and avoid confusion: The 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5 + releases, which were supposed to only contain a Log4j upgrade to 2.15.0, were + skipped because CVE-2021-45046 was discovered during the release publication. + The new 1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade + for Log4j to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046.' + references: + - '[https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html](https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html)' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Apache + product: Kafka + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kafka.apache.org/cve-list + notes: The current DB lists Apache Kafka as impacted. Apache Kafka uses Log4jv1, + not v2. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Apache + product: Kafka + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://logging.apache.org/log4j/2.x/security.html + notes: Only vulnerable in certain configuration(s) + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Apache + product: Log4j + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2.15.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://logging.apache.org/log4j/2.x/security.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Apache + product: Solr + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 7.4.0 to 7.7.3 + - 8.0.0 to 8.11.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 + notes: Update to 8.11.1 or apply fixes as described in Solr security advisory + references: + - '[Apache Solr 8.11.1 downloads](https://solr.apache.org/downloads.html)' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Apache + product: Struts 2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - Versions before 2.5.28.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://struts.apache.org/announce-2021 + notes: The Apache Struts group is pleased to announce that Struts 2.5.28.1 is + available as a “General Availability” release. The GA designation is our highest + quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by + using the latest Log4j 2.12.2 version (Java 1.7 compatible). + references: + - '[Apache Struts Release Downloads](https://struts.apache.org/download.cgi#struts-ga)' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Apache + product: Tomcat + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - 9.0.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tomcat.apache.org/security-9.html + notes: Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications + deployed on Apache Tomcat may have a dependency on log4j. You should seek support + from the application vendor in this instance. It is possible to configure Apache + Tomcat 9.0.x to use log4j 2.x for Tomcat's internal logging. This requires explicit + configuration and the addition of the log4j 2.x library. Anyone who has switched + Tomcat's internal logging to log4j 2.x is likely to need to address this vulnerability. + In most cases, disabling the problematic feature will be the simplest solution. + Exactly how to do that depends on the exact version of log4j 2.x being used. + Details are provided on the [log4j 2.x security page](https://logging.apache.org/log4j/2.x/security.html) + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Apereo + product: CAS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.3.x & 6.4.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://apereo.github.io/2021/12/11/log4j-vuln/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Apereo + product: Opencast + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 9.10 + - < 10.6 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:49+00:00' + - vendor: Application Performance Ltd + product: DBMarlin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - Not Affected + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Apigee + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.apigee.com/incidents/3cgzb0q2r10p + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Apollo + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.apollographql.com/t/log4j-vulnerability/2214 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Appdynamics + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Appeon + product: PowerBuilder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Appeon PowerBuilder 2017-2021 regardless of product edition + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: AppGate + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.appgate.com/blog/appgate-sdp-unaffected-by-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Appian + product: Appian Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.appian.com/support/w/kb/2511/kb-2204-information-about-the-log4j2-security-vulnerabilities-cve-2021-44228-cve-2021-45046 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Application Performance Ltd + product: DBMarlin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: APPSHEET + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Aptible + product: Aptible + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - ElasticSearch 5.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: APC by Schneider Electric + product: Powerchute Business Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - v9.5 + - v10.0.1 + - v10.0.2 + - v10.0.3 + - v10.0.4 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345 + notes: Mitigation instructions to remove the affected class. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: APC by Schneider Electric + product: Powerchute Network Shutdown + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '4.2' + - '4.3' + - '4.4' + - 4.4.1 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345 + notes: Mitigation instructions to remove the affected class. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Aqua Security + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Arbiter Systems + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.arbiter.com/news/index.php?id=4403 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Arca Noae + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.arcanoae.com/apache-log4j-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Arcserve + product: Arcserve Backup + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.storagecraft.com/s/article/Log4J-Update + notes: '' + references: + - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Arcserve + product: Arcserve Continuous Availability + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.storagecraft.com/s/article/Log4J-Update + notes: '' + references: + - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Arcserve + product: Arcserve Email Archiving + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.storagecraft.com/s/article/Log4J-Update + notes: '' + references: + - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Arcserve + product: Arcserve UDP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 6.5-8.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.storagecraft.com/s/article/Log4J-Update + notes: '' + references: + - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Arcserve + product: ShadowProtect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.storagecraft.com/s/article/Log4J-Update + notes: '' + references: + - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Arcserve + product: ShadowXafe + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.storagecraft.com/s/article/Log4J-Update + notes: '' + references: + - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Arcserve + product: Solo + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.storagecraft.com/s/article/Log4J-Update + notes: '' + references: + - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Arcserve + product: StorageCraft OneXafe + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.storagecraft.com/s/article/Log4J-Update + notes: '' + references: + - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: ArcticWolf + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://arcticwolf.com/resources/blog/log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Arduino + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Ariba + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://connectsupport.ariba.com/sites#announcements-display&/Event/908469 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Arista + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Aruba Networks + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://asp.arubanetworks.com/notifications/Tm90aWZpY2F0aW9uOjEwMTQ0;notificationCategory=Security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Ataccama + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ataccama.com/files/log4j2-vulnerability-cve-2021-44228-fix.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Atera + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.reddit.com/r/atera/comments/rh7xb1/apache_log4j_2_security_advisory_update/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Atlassian + product: Bamboo Server & Data Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html + notes: This product may be affected by a related but lower severity vulnerability + if running in a specific non-default configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Atlassian + product: Bitbucket Server & Data Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html + notes: This product is not vulnerable to remote code execution but may leak information + due to the bundled Elasticsearch component being vulnerable. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Atlassian + product: Confluence Server & Data Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html + notes: This product may be affected by a related but lower severity vulnerability + if running in a specific non-default configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Atlassian + product: Crowd Server & Data Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html + notes: This product may be affected by a related but lower severity vulnerability + if running in a specific non-default configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Atlassian + product: Crucible + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html + notes: This product may be affected by a related but lower severity vulnerability + if running in a specific non-default configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Atlassian + product: Fisheye + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html + notes: This product may be affected by a related but lower severity vulnerability + if running in a specific non-default configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Atlassian + product: Jira Server & Data Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html + notes: This product may be affected by a related but lower severity vulnerability + if running in a specific non-default configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Attivo networks + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: AudioCodes + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://services.audiocodes.com/app/answers/kbdetail/a_id/2225 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Autodesk + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html + notes: Autodesk is continuing to perform a thorough investigation in relation + to the recently discovered Apache Log4j security vulnerabilities. We continue + to implement several mitigating factors for our products including patching, + network firewall blocks, and updated detection signatures to reduce the threat + of this vulnerability and enhance our ability to quickly respond to potential + malicious activity. We have not identified any compromised systems in the Autodesk + environment due to this vulnerability, at this time. This is an ongoing investigation + and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview). + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Automox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.automox.com/log4j-critical-vulnerability-scores-a-10 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Autopsy + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.autopsy.com/autopsy-and-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Auvik + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.auvik.com/incidents/58bfngkz69mj + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Avantra SYSLINK + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Avaya + product: Avaya Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '3.5' + - '3.6' + - 3.6.1 + - '3.7' + - '4' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura for OneCloud Private + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: Avaya is scanning and monitoring its OneCloud Private environments as part + of its management activities. Avaya will continue to monitor this fluid situation + and remediations will be made as patches become available, in accordance with + appropriate change processes. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Application Enablement Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.1.3.2 + - 8.1.3.3 + - '10.1' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '[PSN020551u](https://download.avaya.com/css/public/documents/101079386)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Contact Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.0.2 + - 7.0.3 + - '7.1' + - 7.1.1 + - 7.1.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Device Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '8' + - '8.1' + - 8.1.4 + - 8.1.5 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Media Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.0.0 + - 8.0.1 + - 8.0.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '[PSN020549u](https://download.avaya.com/css/secure/documents/101079316)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Presence Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '10.1' + - 7.1.2 + - '8' + - 8.0.1 + - 8.0.2 + - '8.1' + - 8.1.1 + - 8.1.2 + - 8.1.3 + - 8.1.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Session Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '10.1' + - 7.1.3 + - '8' + - 8.0.1 + - '8.1' + - 8.1.1 + - 8.1.2 + - 8.1.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '[PSN020550u](https://download.avaya.com/css/public/documents/101079384)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® System Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '10.1' + - 8.1.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '[PSN005565u](https://download.avaya.com/css/secure/documents/101079390)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Web Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.11[P] + - 3.8.1[P] + - 3.8[P] + - 3.9.1 [P] + - 3.9[P] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Breeze™ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '3.7' + - '3.8' + - 3.8.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Contact Center Select + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.0.2 + - 7.0.3 + - '7.1' + - 7.1.1 + - 7.1.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya CRM Connector - Connected Desktop + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '2.2' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Device Enablement Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.1.22 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Meetings + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 9.1.10 + - 9.1.11 + - 9.1.12 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya one cloud private -UCaaS - Mid Market Aura + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '1' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya OneCloud-Private + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '2' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Session Border Controller for Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.0.1 + - '8.1' + - 8.1.1 + - 8.1.2 + - 8.1.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '[PSN020554u](https://download.avaya.com/css/public/documents/101079394)' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Social Media Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Workforce Engagement + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '5.3' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Business Rules Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '3.4' + - '3.5' + - '3.6' + - '3.7' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Callback Assist + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '5' + - 5.0.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Control Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 9.0.2 + - 9.0.2.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Device Enrollment Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '3.1' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Equinox™ Conferencing + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 9.1.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Interaction Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.3.9 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: IP Office™ Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 11.0.4 + - '11.1' + - 11.1.1 + - 11.1.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Proactive Outreach Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.1.2 + - 3.1.3 + - '4' + - 4.0.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Device Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.0.1 + - 8.0.2 + - 8.1.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: AVEPOINT + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.avepoint.com/company/java-zero-day-vulnerability-notification + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: AVM + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: AvTech RoomAlert + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://avtech.com/articles/23124/java-exploit-room-alert-link/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: AWS New + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: AXON + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.axon.com/s/trust/response-to-log4j2-vuln?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: AXS Guard + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Axways Applications + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.axway.com/news/1331/lang/en + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: B&R Industrial Automation + product: APROL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Baxter + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BackBox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Balbix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Baramundi Products + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Barco + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.barco.com/en/support/knowledge-base/kb12495 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Barracuda + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.barracuda.com/company/legal/trust-center + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BBraun + product: Outlook® Safety Infusion System Pump family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BBraun + product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® + Space® Infusion + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BBraun + product: Pump, SpaceStation, and Space® Wireless Battery) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BBraun + product: DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BBraun + product: Pinnacle® Compounder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BBraun + product: APEX® Compounder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: Arctic Sun™ Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD Diabetes Care App Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD HealthSight™ Clinical Advisor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD HealthSight™ Data Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD HealthSight™ Diversion Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD HealthSight™ Infection Advisor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD HealthSight™ Inventory Optimization Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD HealthSight™ Medication Safety + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD Knowledge Portal for Infusion Technologies + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD Knowledge Portal for Medication Technologies + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD Knowledge Portal for BD Pyxis™ Supply + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD Synapsys™ Informatics Solution + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD Veritor™ COVID At Home Solution Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Beckman Coulter + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Beijer Electronics + product: acirro+ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Beijer Electronics + product: BFI frequency inverters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Beijer Electronics + product: BSD servo drives + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Beijer Electronics + product: CloudVPN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Beijer Electronics + product: FnIO-G and M Distributed IO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Beijer Electronics + product: iX Developer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Beijer Electronics + product: Nexto modular PLC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Beijer Electronics + product: Nexto Xpress compact controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Beijer Electronics + product: WARP Engineering Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: BioMerieux + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.biomerieux.com/en/cybersecurity-data-privacy + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Bender + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bender.de/en/cert + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Best Practical Request Tracker (RT) and Request Tracker for Incident Response + (RTIR) + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BeyondTrust + product: Privilege Management Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: BeyondTrust + product: Privilege Management Reporting in BeyondInsight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '21.2' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: BeyondTrust + product: Secure Remote Access appliances + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: BeyondTrust Bomgar + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BisectHosting + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BitDefender + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BitNami By VMware + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.bitnami.com/general/security/security-2021-12-10/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BitRise + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.bitrise.io/post/bitrises-response-to-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Bitwarden + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bitwarden.com/t/log4j-log4shell-cve-is-bitwarden-affected-due-to-docker-image/36177/2 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Biztory + product: Fivetran + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.biztory.com/blog/apache-log4j2-vulnerability + notes: '' + references: + - Vendor review indicated Fivetran is not vulnerable to Log4j2 + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Black Kite + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blackkite.com/log4j-rce-vulnerability-log4shell-puts-millions-at-risk/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Blancco + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.blancco.com/display/NEWS/2021/12/12/CVE-2021-44228+-+Critical+vulnerability+in+Apache+Log4j+library + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Blumira + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.blumira.com/cve-2021-44228-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: Bladelogic Database Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC AMI Ops + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC AMI Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Compuware + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Automation Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Business Workflows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Client Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Cloud Cost + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Cloud Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix CMDB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Continuous Optimization + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Control-M + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Digital Workplace + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Discovery + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix ITSM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Knowledge Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Operations Management with AIOps + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Remediate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Remediate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Remedyforce + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: BMC Helix Virtual Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: Cloud Lifecycle Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: Control-M + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: Footprints + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: MainView Middleware Administrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: MainView Middleware Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: Remedy ITSM (IT Service Management) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: SmartIT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: Track-It! + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: TrueSight Automation for Networks + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: TrueSight Automation for Servers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: TrueSight Capacity Optimization + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: TrueSight Infrastructure Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: TrueSight Operations Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BMC + product: TrueSight Orchestration + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Boston Scientific + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Bosch + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://bosch-iot-suite.com/news/apache-log4j-rce-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Box + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.box.com/boxs-statement-recent-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Brainworks + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.brainworks.de/log4j-exploit-kerio-connect-workaround/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: BrightSign + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://brightsign.atlassian.net/wiki/spaces/DOC/pages/370679198/Security+Statement+Log4J+Meltdown+and+Spectre+Vulnerabilities#SecurityStatement%3ALog4J%2CMeltdownandSpectreVulnerabilities-JavaApacheLog4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Advanced Secure Gateway (ASG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Automic Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://knowledge.broadcom.com/external/article?articleId=230308 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: BCAAA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: CA Advanced Authentication + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '9.1' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: CA Risk Authentication + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: CA Strong Authentication + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Cloud Workload Protection (CWP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Cloud Workload Protection for Storage (CWP:S) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: CloudSOC Cloud Access Security Broker (CASB) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Content Analysis (CA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Critical System Protection (CSP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Data Center Security (DCS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Data Loss Prevention (DLP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Email Security Service (ESS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Ghost Solution Suite (GSS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: HSM Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Industrial Control System Protection (ICSP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Integrated Cyber Defense Manager (ICDm) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Integrated Secure Gateway (ISG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: IT Management Suite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Layer7 API Developer Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Layer7 API Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Layer7 Mobile API Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Management Center (MC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: PacketShaper (PS) S-Series + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: PolicyCenter (PC) S-Series + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Privileged Access Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Privileged Access Manager Server Control + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Privileged Identity Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: ProxySG + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Reporter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Secure Access Cloud (SAC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Security Analytics (SA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: SiteMinder (CA Single Sign-On) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: SSL Visibility (SSLV) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Control Compliance Suite (CCS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Directory + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Endpoint Detection and Response (EDR) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Endpoint Encryption (SEE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Endpoint Protection (SEP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Endpoint Protection (SEP) for Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Endpoint Protection Manager (SEPM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '14.3' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Identity Governance and Administration (IGA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Mail Security for Microsoft Exchange (SMSMSE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Messaging Gateway (SMG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec PGP Solutions + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Protection Engine (SPE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Symantec Protection for SharePoint Servers (SPSS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: VIP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: VIP Authentication Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Web Isolation (WI) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: Web Security Service (WSS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Broadcom + product: WebPulse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: C4b XPHONE + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.c4b.com/de/news/log4j.php + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Campbell Scientific + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://s.campbellsci.com/documents/us/miscellaneous/log4j2-vulnerability.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: Camunda + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Canary Labs + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://helpcenter.canarylabs.com/t/83hjjk0/log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: CT Medical Imaging Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: MR Medical Imaging Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: UL Medical Imaging Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: XR Medical Imaging Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: NM Medical Imaging Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: Vitrea Advanced 7.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: Infinix-i (Angio Workstation) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: Alphenix (Angio Workstation) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: CapStorm + product: Copystorm + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: CarbonBlack + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Carestream + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.carestream.com/en/us/services-and-support/cybersecurity-and-privacy + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: CAS genesisWorld + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cato Networks + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.catonetworks.com/blog/cato-networks-rapid-response-to-the-apache-log4j-remote-code-execution-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cepheid + product: C360 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.cepheid.com/en_US/legal/product-security-updates + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Cepheid + product: GeneXpert + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.cepheid.com/en_US/legal/product-security-updates + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Cerberus FTP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Chaser Systems + product: discrimiNAT Firewall + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Check Point + product: CloudGuard + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportcontent.checkpoint.com/solutions?id=sk176865 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Check Point + product: Harmony Endpoint & Harmony Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportcontent.checkpoint.com/solutions?id=sk176865 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Check Point + product: Infinity Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportcontent.checkpoint.com/solutions?id=sk176865 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Check Point + product: Quantum Security Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportcontent.checkpoint.com/solutions?id=sk176865 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Check Point + product: Quantum Security Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportcontent.checkpoint.com/solutions?id=sk176865 + notes: Where used, uses the 1.8.0\_u241 version of the JRE that protects against + this attack by default. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Check Point + product: SMB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportcontent.checkpoint.com/solutions?id=sk176865 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Check Point + product: ThreatCloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportcontent.checkpoint.com/solutions?id=sk176865 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: CheckMK + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.checkmk.com/t/checkmk-not-affected-by-log4shell/28643/3 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Ciphermail + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ciphermail.com/blog/ciphermail-gateway-and-webmail-messenger-are-not-vulnerable-to-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: CircleCI + product: CircleCI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.circleci.com/t/circleci-log4j-information-cve-2021-4422 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: CIS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2434301961 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: AppDynamics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco Common Services Platform Collector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco Network Services Orchestrator (NSO) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco System Architecture Evolution Gateway (SAEGW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco ACI Multi-Site Orchestrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco ACI Virtual Edge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco Adaptive Security Appliance (ASA) Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco Advanced Web Security Reporting Application + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco AMP Virtual Private Cloud Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:50+00:00' + - vendor: Cisco + product: Cisco AnyConnect Secure Mobility Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Application Policy Infrastructure Controller (APIC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco ASR 5000 Series Routers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Broadcloud Calling + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco BroadWorks + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Catalyst 9800 Series Wireless Controllers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco CloudCenter Suite Admin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco CloudCenter Workload Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Cognitive Intelligence + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Computer Telephony Integration Object Server (CTIOS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Connected Grid Device Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Connected Mobile Experiences + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Connectivity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Contact Center Domain Manager (CCDM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Contact Center Management Portal (CCMP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Crosswork Change Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco CX Cloud Agent Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Data Center Network Manager (DCNM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Defense Orchestrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco DNA Assurance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco DNA Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco DNA Spaces + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: DUO network gateway (on-prem/self-hosted) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Elastic Services Controller (ESC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Emergency Responder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Enterprise Chat and Email + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Enterprise NFV Infrastructure Software (NFVIS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Evolved Programmable Network Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Extensible Network Controller (XNC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Finesse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Firepower Management Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Firepower Threat Defense (FTD) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco GGSN Gateway GPRS Support Node + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco HyperFlex System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Identity Services Engine (ISE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Integrated Management Controller (IMC) Supervisor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Intersight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Intersight Virtual Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco IOS and IOS XE Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco IoT Field Network Director (formerly Cisco Connected Grid Network + Management System) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco IoT Operations Dashboard + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco IOx Fog Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco IP Services Gateway (IPSG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Kinetic for Cities + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco MDS 9000 Series Multilayer Switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Meeting Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco MME Mobility Management Entity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Modeling Labs + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Network Assessment (CNA) Tool + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Network Assurance Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Network Convergence System 2000 Series + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Network Planner + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Nexus 5500 Platform Switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Nexus 5600 Platform Switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Nexus 6000 Series Switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Nexus 7000 Series Switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure + (ACI) mode + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Nexus Dashboard (formerly Cisco Application Services Engine) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Nexus Data Broker + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Nexus Insights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Optical Network Planner + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Packaged Contact Center Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Paging Server (InformaCast) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Paging Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco PDSN/HA Packet Data Serving Node and Home Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco PGW Packet Data Network Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Policy Suite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime Central for Service Providers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime Collaboration Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime Collaboration Provisioning + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime Infrastructure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime License Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime Network + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime Optical for Service Providers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime Provisioning + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Prime Service Catalog + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Registered Envelope Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco SD-WAN vEdge 1000 Series Routers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco SD-WAN vEdge 2000 Series Routers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco SD-WAN vEdge 5000 Series Routers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco SD-WAN vEdge Cloud Router Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco SD-WAN vManage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Secure Network Analytics (SNA), formerly Stealthwatch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco SocialMiner + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco TelePresence Management Suite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco UCS Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco UCS Performance Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Umbrella + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Attendant Console Advanced + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Attendant Console Business Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Attendant Console Department Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Attendant Console Enterprise Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Attendant Console Premium Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Communications Manager Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Contact Center Enterprise - Live Data server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Contact Center Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Contact Center Express + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified Intelligent Contact Management Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Unified SIP Proxy Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Video Surveillance Operations Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Virtualized Voice Browser + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Vision Dynamic Signage Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco WAN Automation Engine (WAE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Web Security Appliance (WSA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Webex Cloud-Connected UC (CCUC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Webex Meetings Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Webex Teams + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Cisco Wide Area Application Services (WAAS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Duo + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: duo network gateway (on-prem/self-hosted) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Exony Virtualized Interaction Manager (VIM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cisco + product: Managed Services Accelerator (MSX) Network Access Control Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Citrix + product: Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All Platforms + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix Application Delivery Management (NetScaler MAS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All Platforms + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix Cloud Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix Connector Appliance for Cloud Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix Content Collaboration (ShareFile Integration) – Citrix Files for + Windows, Citrix Files for Mac, Citrix Files for Outlook + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix Endpoint Management (Citrix XenMobile Server) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: 'For CVE-2021-44228 and CVE-2021-45046: Impacted–Customers are advised + to apply the latest CEM rolling patch updates listed below as soon as possible + to reduce the risk of exploitation. [XenMobile Server 10.14 RP2](https://support.citrix.com/article/CTX335763); + [XenMobile Server 10.13 RP5](https://support.citrix.com/article/CTX335753); + and [XenMobile Server 10.12 RP10](https://support.citrix.com/article/CTX335785). + Note: Customers who have upgraded their XenMobile Server to the updated versions + are recommended not to apply the responder policy mentioned in the blog listed + below to the Citrix ADC vserver in front of the XenMobile Server as it may impact + the enrollment of Android devices. For CVE-2021-45105: Investigation in progress.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix Hypervisor (XenServer) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix License Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix SD-WAN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All Platforms + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: ShareFile Storage Zones Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: 'IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046: + Customers are advised to apply the latest update as soon as possible to reduce + the risk of exploitation. [Linux Virtual Delivery Agent 2112](https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/components/linux-vda-2112.html). + See the [Citrix Statement](https://support.citrix.com/article/CTX335705) for + additional mitigations. For CVE-2021-45105: Investigation has shown that Linux + VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30, + released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED: + Linux VDA LTSR all versions; All other CVAD components.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: Citrix Workspace App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All Platforms + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Claris + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.claris.com/s/article/CVE-2021-44228-Apache-Log4j-Vulnerability-and-Claris-products?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: AM2CM Tool + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Ambari + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only versions 2.x + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Arcadia Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only version 7.1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: CDH, HDP, and HDF + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only version 6.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: CDP Operational Database (COD) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: CDP Private Cloud Base + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only version 7.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: CDS 3 Powered by Apache Spark + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: CDS 3.2 for GPUs + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Cybersecurity Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Data Engineering (CDE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Data Engineering (CDE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Data Flow (CFM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Data Science Workbench (CDSW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only versions 2.x + - 3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Data Visualization (CDV) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Data Warehouse (CDW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Data Warehouse (CDW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera DataFlow (CDF) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Edge Management (CEM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only version 6.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Flow Management (CFM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Machine Learning (CML) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Machine Learning (CML) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication + Manager) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication + Manager) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only versions 7.0.x + - 7.1.x + - 7.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Manager (Including Backup Disaster Recovery (BDR)) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only versions 7.0.x + - 7.1.x + - 7.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Stream Processing (CSP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Streaming Analytics (CSA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Cloudera Streaming Analytics (CSA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Data Analytics Studio (DAS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Data Catalog + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Data Lifecycle Manager (DLM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Data Steward Studio (DSS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Hortonworks Data Flow (HDF) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Hortonworks Data Platform (HDP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Only versions 7.1.x + - 2.7.x + - 2.6.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Hortonworks DataPlane Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Management Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Management Console for CDP Public Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Replication Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: SmartSense + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Workload Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Workload XM (SaaS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudera + product: Workload XM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: CloudFlare + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudian HyperStore + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloudian-support.force.com/s/article/SECURITY-Cloudian-HyperStore-Log4j-vulnerability-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudogu + product: Ecosystem + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.cloudogu.com/t/security-vulnerability-log4shell-cve-2021-44228/417 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudogu + product: SCM-Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://scm-manager.org/blog/posts/2021-12-13-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cloudron + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.cloudron.io/topic/6153/log4j-and-log4j2-library-vulnerability?lang=en-US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Clover + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.clover.com/articles/35868/apache-log4j-vulnerability-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Code42 + product: Code42 App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 8.8.1 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://success.code42.com/hc/en-us/articles/4416158712343-RELEASE-NOTIFICATION-Code42-Vulnerability-Mitigation-for-CVE-2021-44228-and-other-updates + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Code42 + product: Crashplan + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '8.8' + - possibly prior versions + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://success.code42.com/hc/en-us/articles/4416158712343-RELEASE-NOTIFICATION-Code42-Vulnerability-Mitigation-for-CVE-2021-44228-and-other-updates + notes: I think, they don't specify in the notice, but we know that they released + an updated Crashplan client. Possibly prior versions affected. + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: CodeBeamer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://codebeamer.com/cb/wiki/19872365 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Codesys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.codesys.com/news-events/news/article/log4j-not-used-in-codesys.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cohesity + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.cohesity.com/s/article/Security-Advisory-Apache-Log4j-Remote-Code-Execution-RCE-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: CommVault + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://documentation.commvault.com/v11/essential/146231_security_vulnerability_and_reporting.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Concourse + product: Concourse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/concourse/concourse/discussions/7887 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: ConcreteCMS.com + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.concretecms.com/about/blog/security/concrete-log4j-zero-day-exploit + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Confluent + product: Confluent Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <7.0.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent for Kubernetes + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent Kafka Connectors + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent ElasticSearch Sink Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <11.1.7 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent Google DataProc Sink Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <1.1.5 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent Splunk Sink Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <2.05 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent HDFS 2 Sink Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <10.1.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent HDFS 3 Sink Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <1.1.8 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent VMWare Tanzu GemFire Sink Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <1.0.8 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Connect2id + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://connect2id.com/blog/connect2id-server-12-5-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: ConnectWise + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.connectwise.com/company/trust/advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: ContrastSecurity + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.contrastsecurity.com/hc/en-us/articles/4412612486548 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: ControlUp + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.controlup.com/incidents/qqyvh7b1dz8k + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: COPADATA + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.copadata.com/en/support-services/knowledge-base-faq/pare-products-in-the-zenon-product-family-affect-4921/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: CouchBase + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: CPanel + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Cradlepoint + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Crestron + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.crestron.com/Security/Security_Advisories/Apache-Log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: CrushFTP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.crushftp.com/download.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: CryptShare + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.cryptshare.com/en/support/cryptshare-support/#c67572 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: CyberArk + product: Privileged Threat Analytics (PTA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cyberark-customers.force.com/s/article/Critical-Vulnerability-CVE-2021-44228 + notes: '' + references: + - This advisory is available to customers only and has not been reviewed by + CISA. + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Cybereason + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: CyberRes + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.microfocus.com/cyberres/b/sws-22/posts/summary-of-cyberres-impact-from-log4j-or-logshell-logjam-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: DarkTrace + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://customerportal.darktrace.com/inside-the-soc/get-article/201 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Dassault Systèmes + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Databricks + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.google.com/document/d/e/2PACX-1vREjwZk17BAHGwj5Phizi4DPFS9EIUbAMX-CswlgbFwqwKXNKZC8MrT-L6wUgfIChsSHtvd_QD3-659/pub + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Datadog + product: Datadog Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '>=6.17.0' + - <=6.32.2 + - '>=7.17.0' + - <=7.32.2 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.datadoghq.com/log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Dataminer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.dataminer.services/responding-to-log4shell-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Datev + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.datev-community.de/t5/Freie-Themen/Log4-J-Schwachstelle/m-p/258185/highlight/true#M14308 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Datto + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.datto.com/blog/dattos-response-to-log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: dCache.org + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dcache.org/post/log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Debian + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security-tracker.debian.org/tracker/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Deepinstinct + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.deepinstinct.com/blog/log4shell-cve-2021-44228-what-you-need-to-know + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:51+00:00' + - vendor: Dell + product: Alienware Command Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Alienware OC Controls + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Alienware On Screen Display + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Alienware Update + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Atmos + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Azure Stack HCI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: CalMAN Powered Calibration Firmware + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: CalMAN Ready for Dell + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Centera + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Chameleon Linux Based Diagnostics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Chassis Management Controller (CMC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: China HDD Deluxe + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Cloud Mobility for Dell EMC Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Cloud Tiering Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Connectrix (Cisco MDS 9000 switches) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Connextrix B Series + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: CyberSecIQ Application + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: CyberSense for PowerProtect Cyber Recovery + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell BSAFE Crypto-C Micro Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell BSAFE Crypto-J + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell BSAFE Micro Edition Suite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Calibration Assistant + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Cinema Color + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Cloud Command Repository Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Cloud Management Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Color Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Command Configure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Command Integration Suite for System Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Command Intel vPro Out of Band + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Command Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Command Power Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Command PowerShell Provider + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Command Update + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Customer Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Data Guardian* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Data Protection* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Data Recovery Environment + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Data Vault + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Data Vault for Chrome OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Deployment Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Digital Delivery + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Direct USB Key + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Display Manager 1.5 for Windows / macOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Display Manager 2.0 for Windows / macOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC AppSync + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Cloudboost + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC CloudLink + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Container Storage Modules + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Data Computing Appliance (DCA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Data Protection Advisor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC DataIQ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Disk Library for Mainframe + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC GeoDrive + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Isilon InsightIQ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC License Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Networking Onie + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC OpenManage Ansible Modules + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC OpenManage integration for Splunk + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC OpenManage Integration for VMware vCenter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC OpenManage Management pack for vRealize Operations + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge + Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: '"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerPath + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerPath Management Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerProtect Cyber Recovery + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerScale OneFS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerShell for PowerMax + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerShell for Powerstore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerShell for Unity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: '"Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC"' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerVault ME4 Series Storage Arrays + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerVault MD3 Series Storage Arrays + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Repository Manager (DRM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC SourceOne + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Systems Update (DSU) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Unisphere 360 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Virtual Storage Integrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC VPLEX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC XtremIO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Encryption Enterprise* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Encryption Personal* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Endpoint Security Suite Enterprise* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Hybrid Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell ImageAssist + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Insights Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Linux Assistant + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Mobile Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Monitor ISP (Windows/Mac/Linux) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Monitor SDK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Networking X-Series + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Open Manage Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Open Manage Server Administrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell OpenManage Change Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell OpenManage Enterprise Power Manager Plugin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Optimizer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell OS Recovery Tool + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Peripheral Manager 1.4 / 1.5 for Windows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Platform Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Power Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Power Manager Lite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Precision Optimizer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Precision Optimizer for Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Premier Color + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Recovery (Linux) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Remediation Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Remote Execution Engine (DRONE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Security Advisory Update - DSA-2021-088 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Security Management Server & Dell Security Management Server Virtual* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell SupportAssist SOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Thin OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Threat Defense + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell True Color + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Trusted Device + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Update + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dream Catcher + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: DUP Creation Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: DUP Framework (ISG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Embedded NAS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Embedded Service Enabler + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Equallogic PS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Fluid FS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: iDRAC Service Module (iSM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Infinity MLK (firmware) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Integrated Dell Remote Access Controller (iDRAC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: ISG Accelerators + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: ISG Board & Electrical + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: IsilonSD Management Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: IVE-WinDiag + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Mainframe Enablers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: My Dell + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: MyDell Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: NetWorker Management Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Networking BIOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Networking DIAG + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Networking N-Series + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Networking OS 10 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Networking OS9 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Networking SD-WAN Edge SD-WAN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Networking W-Series + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Networking X-Series + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OMIMSSC (OpenManage Integration for Microsoft System Center) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OMNIA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OpenManage Connections - Nagios + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OpenManage Connections - ServiceNow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OpenManage Integration for Microsoft System Center for System Center + Operations Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OpenManage Integration with Microsoft Windows Admin Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OpenManage Network Integration + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: PowerConnect N3200 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: PowerConnect PC2800 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: PowerConnect PC8100 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: PowerEdge BIOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: PowerEdge Operating Systems + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: PowerTools Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: PPDM Kubernetes cProxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: PPDM VMware vProxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Redtail + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Remotely Anywhere + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Riptide (firmware) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Rugged Control Center (RCC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SD ROM Utility + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SDNAS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Server Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Smart Fabric Storage Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SmartByte + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SMI-S + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Software RAID + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Solutions Enabler + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Solutions Enabler vApp + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Sonic + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SRS VE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Storage Center OS and additional SC applications unless otherwise noted + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SupportAssist Client Commercial + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SupportAssist Client Consumer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: UCC Edge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Unisphere for PowerMax + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Unisphere for PowerMax vApp + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Unisphere for VMAX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Unisphere for VNX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Update Manager Plugin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: ViPR Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VNX1 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VNX2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VPLEX VS2/VS6 / VPLEX Witness + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Vsan Ready Nodes + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Warnado MLK (firmware) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Wyse Proprietary OS (ThinOS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Wyse Windows Embedded Suite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: APEX Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patched + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: APEX Data Storage Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patch in progress + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Cloud IQ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patched + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Connectrix (Cisco MDS DCNM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/23/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Connectrix B-Series SANnav + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.1.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 3/31/2022 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Data Domain OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-274 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Avamar + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"18.2 19.1 19.2 19.3 19.4"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/20/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC BSN Controller Node + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-305 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Cloud Disaster Recovery + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - N/A + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Data Protection Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021- 269 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Data Protection Search + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions before 19.5.0.7 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-279 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC ECS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/18/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Enterprise Hybrid Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '[link](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Enterprise Storage Analytics for vRealize Operations + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"<6.0.0 6.1.0 6.2.x"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-278 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Integrated System for Azure Stack HCI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - N/A + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '"Dell EMC Integrated System for Azure Stack HCI is not impacted by this + advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect + Gateway (SCG) were optionally installed with Dell EMC Integrated System for + Azure Stack HCI monitor the following advisories. Apply workaround guidance + and remediations as they become [available:](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Integrated System for Microsoft Azure Stack Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - N/A + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC NetWorker Virtual Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"19.5.x 19.4.x 19.3.x"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/20/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC NetWorker Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"19.5.x 19.4.x 19.3.x"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/20/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Networking Virtual Edge Platform with VersaOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"with Versa Concerto with Versa Analytics with Versa Concero Director"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-304 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerFlex Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"All versions up to Intelligent Catalog 38_356_00_r10.zip All versions + up to Intelligent Catalog 38_362_00_r7.zip"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerFlex Software (SDS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerFlex Rack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - N/A + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerProtect Data Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions 19.9 and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerProtect DP Series Appliance (iDPA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.7.0 and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerStore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/23/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC RecoverPoint for Virtual Machine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All 5.0.x and later versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC RecoverPoint Classic + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All 5.1.x and later versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC SRM vApp + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions before 4.6.0.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 1/25/2022 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Streaming Data Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/18/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Unity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/29/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Metro Node + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.0.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-308 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC VxRail + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"4.5.x 4.7.x 7.0.x"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Open Management Enterprise - Modular + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <1.40.10 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-268 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: DellEMC OpenManage Enterprise Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/20/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OpenManage Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Ruckus SmartZone 300 Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-303 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Ruckus SmartZone 100 Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-303 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Ruckus Virtual Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-303 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Secure Connect Gateway (SCG) Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-282 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Secure Connect Gateway (SCG) Policy Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"5.00.00.10 5.00.05.10"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-281 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SRS Policy Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '7' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Storage Center - Dell Storage Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SupportAssist Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/23/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Unisphere Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 1/10/2022 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Vblock + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending See vce6771 (requires customer login) + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VNXe 1600 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions 3.1.16.10220572 and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VNXe 3200 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Version 3.1.15.10216415 and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VxBlock + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '"Patch pending See vce6771 (requires customer login) "' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Various + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-300 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRO Plugin for Dell EMC PowerMax + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Version 1.2.3 or earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-300 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRO Plugin for Dell EMC PowerScale + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Version 1.1.0 or earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-300 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRO Plugin for Dell EMC PowerStore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Version 1.1.4 or earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-300 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRO Plugin for Dell EMC Unity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Version 1.0.6 or earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-300 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRO Plugin for Dell EMC XtremIO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Version 4.1.2 or earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-300 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRealize Data Protection Extension Data Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRealize Data Protection Extension for vRealize Automation (vRA) 8.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"version 19.6 version 19.7 version 19.8 and version 19.9"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VMware vRealize Automation 8.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"8.2 8.3 8.4 8.5 and 8.6"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VMware vRealize Orchestrator 8.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"8.2 8.3 8.4 8.5 and 8.6"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Wyse Management Suite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <3.5 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-267 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Deltares + product: Delft-FEWS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '>2018.02' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://publicwiki.deltares.nl/display/FEWSDOC/Delft-FEWS+and+Log4J+vulnerability + notes: Mitigations Only + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Denequa + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://denequa.de/log4j-information.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Device42 + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.device42.com/2021/12/13/log4j-zero-day/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Devolutions + product: All products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Diebold Nixdorf + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dieboldnixdorf.com/en-us/apache + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Digi International + product: CTEK G6200 family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: CTEK SkyCloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: CTEK Z45 family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi 54xx family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi 63xx family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi AnywhereUSB (G2) family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi AnywhereUSB Plus family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Connect family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Connect EZ family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Connect IT family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi ConnectPort family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi ConnectPort LTS family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Connect Sensor family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Connect WS family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Embedded Android + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Embedded Yocto + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi EX routers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi IX routers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi LR54 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi One family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Passport family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi PortServer TS family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi TX routers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi WR11 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi WR21 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi WR31 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi WR44R/RR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi WR54 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi WR64 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: AnywhereUSB Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Aview + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: ARMT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: AVWOB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Navigator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Remote Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Xbee mobile app + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Lighthouse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Realport + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Remote Hub Config Utility + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Digicert + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://knowledge.digicert.com/alerts/digicert-log4j-response.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Digital AI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: DNSFilter + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Docker + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Docusign + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: DrayTek + product: Vigor Routers, Access Points, Switches, VigorACS Central Management Software, + MyVigor Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: DSpace + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Dynatrace + product: Managed cluster nodes + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: Please see Dynatrace Communication for details + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: SAAS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: FedRamp SAAS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: Synthetic public locations + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: Synthetic Private ActiveGate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: Please see Dynatrace Communication for details + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: ActiveGate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: OneAgent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: Dynatrace Extensions + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: Please see Dynatrace Communication for details + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: EasyRedmine + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.easyredmine.com/news/easy-redmine-application-is-not-affected-by-the-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Eaton + product: Undisclosed + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Undisclosed + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf + notes: Doesn't openly disclose what products are affected or not for quote 'security + purposes'. Needs email registration. No workaround provided due to registration + wall. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: EclecticIQ + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Eclipse Foundation + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://wiki.eclipse.org/Eclipse_and_log4j2_vulnerability_(CVE-2021-44228) + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: EFI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://communities.efi.com/s/article/Are-Fiery-Servers-vulnerable-to-CVE-2021-44228-Apache-Log4j2?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: EGroupware + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.egroupware.org/t/uk-de-statement-log4j-log4shell/76430 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Elastic + product: APM Java Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: APM Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Beats + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Cmd + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elastic Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elastic Cloud Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elastic Cloud Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elastic Cloud on Kubernetes + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elastic Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elastic Endgame + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elastic Maps Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elasticsearch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '5' + - '6' + - '8' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Endpoint Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Enterprise Search + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Fleet Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Kibana + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Logstash + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <6.8.21 + - <7.16.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Machine Learning + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Swiftype + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: ElasticSearch + product: all products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:52+00:00' + - vendor: Ellucian + product: Banner Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Colleague + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: On-prem and cloud deployements expect fixed 12/18/2021 + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Admin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Enterprise Identity Services(BEIS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Integration for eLearning + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Integration for eProcurement + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Workflow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Document Management (includes Banner Document Retention) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Advance Web Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian eTranscripts + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Solution Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Event Publisher + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Self Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Colleague Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: CRM Advance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: CRM Advise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: CRM Recruit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Data Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Design Path + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian ePrint + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Ethos API & API Management Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Ethos Extend + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Ethos Integration + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Experience + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Intelligent Platform (ILP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian International Student and Scholar Management (ISSM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Message Service (EMS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Messaging Adapter (EMA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Payment Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Ellucian Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Workflow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian PowerCampus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: K-Series Coriolis Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Prolink Configuration Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Prolink Mobile Application & ProcessViz Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 4732 Endeavor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Vortex and Magmeter Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: USM 3410 and 3810 Series Ultrasonic Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Mark III Gas and Liquid USM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Flarecheck FlowCheck Flowel & PWAM software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: MPFM2600 & MPFM5726 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: DHNC1 DHNC2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: WCM SWGM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Fieldwatch and Service consoles + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 5726 Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Plantweb Advisor for Metrology and Metering Suite SDK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless + Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle + Monitor' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: K-Series Coriolis Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Prolink Configuration Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Prolink Mobile Application & ProcessViz Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 4732 Endeavor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Vortex and Magmeter Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: USM 3410 and 3810 Series Ultrasonic Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Mark III Gas and Liquid USM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Flarecheck FlowCheck Flowel & PWAM software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: MPFM2600 & MPFM5726 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: DHNC1 DHNC2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: WCM SWGM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Fieldwatch and Service consoles + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 5726 Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Plantweb Advisor for Metrology and Metering Suite SDK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless + Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle + Monitor' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Incus Ultrasonic gas leak detector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared + Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Liquid Transmitters: 5081 1066 1056 1057 56' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Combustion: OCX OXT 6888 CX1100 6888Xi' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Spectrex family Flame Detectors and Rosemount 975 flame detector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT4400 QCL General Purpose Continuous Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT5400 QCL General Purpose Continuous Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT5100 QCL Field Housing Continuous Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT5800 QCL Flameproof Housing Continuous Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT4215 QCL Packaging Leak Detection System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT2211 QCL Aerosol Microleak Detection System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT4404 QCL pMDI Leak Detection Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT4000 QCL Marine OEM Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT3000 QCL Automotive OEM Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 3051 & 3051S Pressure transmitter families + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 2051 Pressure Transmitter Family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 4088 Pressure Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 2088 Pressure Transmitter Family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 2090F/2090P Pressure Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 4600 Pressure Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 215 Pressure Sensor Module + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 550 PT Pressure Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 326P Pressure Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 3144P Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 644 Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 848T Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 148 Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 248 Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 326T Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 327T Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 648 Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 4088 Upgrade Utility + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Engineering Assistant 5.x & 6.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 248 Configuration Application + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount IO-Link Assistant + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount TankMaster and TankMaster Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount RadarMaster and RadarMaster Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount Radar Configuration Tool + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount 2460 System Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount 2410 Tank Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount 3490 Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount 2230 Graphical Field Display + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount 2240S Multi-input Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount CMS/SCU 51/SCC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount CMS/WSU 51/SWF 51 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount CMS/IOU 61 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount Radar Level Gauges (Pro 39xx 59xx) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount Tank Radar Gauges (TGUxx) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount Level Detectors (21xx) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Emerson Aperio software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: EnterpriseDT + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://enterprisedt.com/blogs/announcements/enterprisedt-does-not-use-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: ESET + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.eset.com/en/alert8188-information-regarding-the-log4j2-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: ESRI + product: ArcGIS Data Store + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ + notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup + class, but has not issued patches to upgrade the Log4j versions + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: ESRI + product: ArcGIS Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ + notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup + class, but has not issued patches to upgrade the Log4j versions + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: ESRI + product: ArcGIS GeoEvent Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ + notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup + class, but has not issued patches to upgrade the Log4j versions + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: ESRI + product: ArcGIS Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ + notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup + class, but has not issued patches to upgrade the Log4j versions + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: ESRI + product: ArcGIS Workflow Manager Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ + notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup + class, but has not issued patches to upgrade the Log4j versions + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: ESRI + product: Portal for ArcGIS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ + notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup + class, but has not issued patches to upgrade the Log4j versions + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Estos + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.estos.de/de/sicherheitshinweise/estos-von-kritischer-schwachstelle-in-log4j-cve-2021-44228-nicht-betroffen + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Evolveum Midpoint + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://evolveum.com/midpoint-not-vulnerable-to-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Ewon + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/release-notes/ecatcher_releasenotes.txt?sfvrsn=4f054ad7_42 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Exabeam + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.exabeam.com/s/discussions?t=1639379479381 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Exact + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.exact.com/news/general-statement-apache-leak + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Exivity + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.exivity.com/getting-started/releases/announcements#announcement-regarding-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: ExtraHop + product: Reveal(x) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <=8.4.6 + - <=8.5.3 + - <=8.6.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.extrahop.com/t/extrahop-update-on-log4shell/8148 + notes: Versions >8.4.7, >8.5.4, >8.6.5 and >=8.7 are fixed. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: eXtreme Hosting + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://extremehosting.nl/log4shell-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Extreme Networks + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://extremeportal.force.com/ExtrArticleDetail?an=000100806 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Extron + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.extron.com/featured/Security-at-Extron/extron-security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F-Secure + product: Elements Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.f-secure.com/common-business-en/kb/articles/9226-the-log4j-vulnerability-cve-2021-44228-which-f-secure-products-are-affected-what-it-means-what-steps-should-you-take + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F-Secure + product: Endpoint Proxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 13-15 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.f-secure.com/incidents/sk8vmr0h34pd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F-Secure + product: Messaging Security Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.f-secure.com/common-business-en/kb/articles/9226-the-log4j-vulnerability-cve-2021-44228-which-f-secure-products-are-affected-what-it-means-what-steps-should-you-take + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F-Secure + product: Policy Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 13-15 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.f-secure.com/incidents/sk8vmr0h34pd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F-Secure + product: Policy Manager Proxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 13-15 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.f-secure.com/incidents/sk8vmr0h34pd + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: BIG-IP (all modules) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 11.x - 16.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: BIG-IQ Centralized Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 7.x-8.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: F5OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: Traffix SDC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.x (5.2.0 CF1 + - 5.1.0 CF-30 - 5.1.0 CF-33) + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + + Kibana), Element Management System' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: NGINX Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - R19 - R25 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: NGINX Open Source + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: NGINX Unit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: NGINX App Protect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: NGINX Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: NGINX Ingress Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.x - 2.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: NGINX Instance Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: F5 + product: NGINX Service Mesh + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FAST LTA + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.fast-lta.de/en/log4j2-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fastly + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FedEx + product: Ship Manager Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fedex.com/en-us/shipping/ship-manager/software.html#tab-4 + notes: 'Note: FedEx is aware of the issue related to the Log4j Remote Code Execution + vulnerability affecting various Apache products. We are actively assessing the + situation and taking necessary action as appropriate. As a result, we are temporarily + unable to provide a link to download the FedEx Ship Manager software or generate + product keys needed for registration of FedEx Ship Manager software. We are + working to have this resolved as quickly as possible and apologize for the inconvenience. + For related questions or the most updated information, customers should check + FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Fiix + product: Fiix CMMS Core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - v5 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: The product has been updated to Log4j version 2.15. An additional patch + is being developed to update to 2.16. No user interaction is required. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: FileCap + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://mailchi.mp/3f82266e0717/filecap-update-version-511 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FileCatalyst + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.filecatalyst.com/index.php/Knowledgebase/Article/View/advisory-log4j-zero-day-security-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FileCloud + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.getfilecloud.com/supportdocs/display/cloud/Advisory+2021-12-2+Impact+of+Apache+Log4j2+Vulnerability+on+FileCloud+Customers + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FileWave + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.filewave.com/display/KB/Security+Notice:+Apache+log4j+Vulnerability+CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FINVI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://finvi.com/support/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FireDaemon + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.firedaemon.com/support/solutions/articles/4000178630 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fisher & Paykel Healthcare + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fphcare.com/us/our-company/contact-us/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Flexagon + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://flexagon.com/what-is-the-impact-of-log4j-vulnerability-cve-2021-44228-on-flexdeploy/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Flexera + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.flexera.com/t5/Community-Notices/Flexera-s-response-to-Apache-Log4j-2-remote-code-execution/ba-p/216934 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Forcepoint + product: DLP Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Forcepoint + product: Forcepoint Cloud Security Gateway (CSG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Forcepoint + product: Next Generation Firewall (NGFW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Forcepoint + product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service + and Sidewinder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Forcepoint + product: One Endpoint + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Forcepoint + product: Security Manager (Web, Email and DLP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Forescout + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: ForgeRock + product: Autonomous Identity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://backstage.forgerock.com/knowledge/kb/book/b21824339#1_bzBa + notes: all other ForgeRock products Not vulnerable + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiAIOps + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiAnalyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiAnalyzer Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiAP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiAuthenticator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiCASB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiConvertor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiDeceptor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiEDR Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiEDR Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiGate Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiGSLB Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiMail + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiManager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiManager Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiNAC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiNAC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiOS (includes FortiGate & FortiWiFi) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiPhish Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiPolicy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiPortal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiRecorder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiSIEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiSOAR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiSwicth Cloud in FortiLANCloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiSwitch & FortiSwitchManager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiToken Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiVoice + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: FortiWeb Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fortinet + product: ShieldX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.fortiguard.com/psirt/FG-IR-21-245 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FTAPI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ftapi.com/blog/kritische-sicherheitslucke-in-log4j-ftapi-reagiert/# + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Fujitsu + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: FusionAuth + product: FusionAuth + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '1.32' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: GE Digital + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://digitalsupport.ge.com/communities/en_US/Alert/GE-Security-Advisories + notes: This advisory is available to customers only and has not been reviewed + by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: GE Digital Grid + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://digitalenergy.service-now.com/csm?id=kb_category&kb_category=b8bc715b879c89103f22a93e0ebb3585 + notes: This advisory is available to customers only and has not been reviewed + by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: GE Gas Power + product: Baseline Security Center (BSC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf + notes: Vulnerability to be fixed by vendor provided workaround. No user actions + necessary. Contact GE for details. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: GE Gas Power + product: Baseline Security Center (BSC) 2.0 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf + notes: Vulnerability to be fixed by vendor provided workaround. No user actions + necessary. Contact GE for details + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: GE Gas Power + product: Asset Performance Management (APM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf + notes: GE verifying workaround. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: GE Gas Power + product: Control Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf + notes: The Control Server is Affected via vCenter. There is a fix for vCenter. + Please see below. GE verifying the vCenter fix as proposed by the vendor. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: GE Gas Power + product: Tag Mapping Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf + notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: GE Healthcare + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://securityupdate.gehealthcare.com + notes: This advisory is not available at the time of this review, due to maintence + on the GE Healthcare website. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Gearset + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Genesys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: GeoServer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - http://geoserver.org/announcements/2021/12/13/logj4-rce-statement.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gerrit code review + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gerritcodereview.com/2021-12-13-log4j-statement.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: GFI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Ghidra + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gigamon + product: Fabric Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <5.13.01.02 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.gigamon.com/gigamoncp/s/my-gigamon + notes: Updates available via the Gigamon Support Portal. This advisory available + to customers only and has not been reviewed by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: GitHub + product: GitHub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - GitHub.com and GitHub Enterprise Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: GitLab + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.gitlab.com/t/cve-2021-4428/62763 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Globus + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://groups.google.com/a/globus.org/g/discuss/c/FJK0q0NoUC4 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: GoAnywhere + product: MFT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 6.8.6 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-18T00:00:00' + - vendor: GoAnywhere + product: Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2.8.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-18T00:00:00' + - vendor: GoAnywhere + product: MFT Agents + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 1.6.5 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-18T00:00:00' + - vendor: GoCD + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gocd.org/2021/12/14/log4j-vulnerability.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Google Cloud + product: AI Platform Data Labeling + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AI Platform Neural Architecture Search (NAS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AI Platform Training and Prediction + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Access Transparency + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Actifio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and + has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) + for the full statement and to obtain the hotfix (available to Actifio customers + only). + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate + logging solution that uses Log4j 2. We strongly encourage customers who manage + Anthos environments to identify components dependent on Log4j 2 and update them + to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos Config Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos Identity Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos Premium Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos Service Mesh + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos on VMWare + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check + VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds + to their VMware products as they become available. We also recommend customers + review their respective applications and workloads affected by the same vulnerabilities + and apply appropriate patches. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Apigee + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not + used and therefore the VMs were not impacted by the issues in CVE-2021-44228 + and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution. + It is possible that customers may have introduced custom resources that are + using vulnerable versions of Log4j. We strongly encourage customers who manage + Apigee environments to identify components dependent on Log4j and update them + to the latest version. Visit the Apigee Incident Report for more information. + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Google Cloud + product: App Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate + logging solution that uses Log4j 2. We strongly encourage customers who manage + App Engine environments to identify components dependent on Log4j 2 and update + them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AppSheet + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At + this time, we have identified no impact to core AppSheet functionality. Additionally, + we have patched one Java-based auxiliary service in our platform. We will continue + to monitor for affected services and patch or remediate as required. If you + have any questions or require assistance, contact AppSheet Support. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Artifact Registry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Assured Workloads + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AutoML + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AutoML Natural Language + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AutoML Tables + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AutoML Translation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AutoML Video + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: AutoML Vision + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: BigQuery + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: BigQuery Data Transfer Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: BigQuery Omni + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: BigQuery Omni, which runs on AWS and Azure infrastructure, does not use + Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. + We continue to work with AWS and Azure to assess the situation. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Binary Authorization + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Certificate Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Chronicle + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Asset Inventory + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Bigtable + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Cloud Build + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate + logging solution that uses Log4j 2. We strongly encourage customers who manage + Cloud Build environments to identify components dependent on Log4j 2 and update + them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud CDN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Composer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and + is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible + that customers may have imported or introduced other dependencies via DAGs, + installed PyPI modules, plugins, or other services that are using vulnerable + versions of Log4j 2. We strongly encourage customers, who manage Composer environments + to identify components dependent on Log4j 2 and update them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Google Cloud + product: Cloud Console App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud DNS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Data Loss Prevention + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Debugger + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Deployment Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Endpoints + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud External Key Manager (EKM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Functions + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate + logging solution that uses Log4j 2. We strongly encourage customers who manage + Cloud Functions environments to identify components dependent on Log4j 2 and + update them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Harware Security Module (HSM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Intrusion Detection System (IDS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Interconnect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Key Management Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Load Balancing + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Logging + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Network Address Translation (NAT) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Natural Language API + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Profiler + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Router + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Run + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate + logging solution that uses Log4j 2. We strongly encourage customers who manage + Cloud Run environments to identify components dependent on Log4j 2 and update + them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Run for Anthos + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate + logging solution that uses Log4j 2. We strongly encourage customers who manage + Cloud Run for Anthos environments to identify components dependent on Log4j + 2 and update them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud SDK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud SQL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Cloud Scheduler + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Shell + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate + logging solution that uses Log4j 2. We strongly encourage customers who manage + Cloud Shell environments to identify components dependent on Log4j 2 and update + them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Source Repositories + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Spanner + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Cloud Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Tasks + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Trace + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Traffic Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Translation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud VPN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Cloud Vision + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Vision OCR On-Prem + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: CompilerWorks + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Compute Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Compute Engine does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine, + we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes + to Google Cloud VMware Engine as they become available. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Contact Center AI (CCAI) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Contact Center AI Insights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Container Registry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Data Catalog + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Data Catalog has been updated to mitigate the issues identified in CVE-2021-44228 + and CVE-2021-45046. We strongly encourage customers who introduced their own + connectors to identify dependencies on Log4j 2 and update them to the latest + version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Data Fusion + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Data Fusion does not use Log4j 2, but uses Dataproc as one of the options + to execute pipelines. Dataproc released new images on December 18, 2021 to address + the vulnerability in CVE-2021-44228 and CVE-2021-45046. Customers must follow + instructions in a notification sent on December 18, 2021 with the subject line + “Important information about Data Fusion.” + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Database Migration Service (DMS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Dataflow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: 'Dataflow does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 + and CVE-2021-45046. If you have changed dependencies or default behavior, it + is strongly recommended you verify there is no dependency on vulnerable versions + Log4j 2. Customers have been provided details and instructions in a notification + sent on December 17, 2021 with the subject line “Update #1 to Important information + about Dataflow.”' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Google Cloud + product: Dataproc + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Dataproc released new images on December 18, 2021 to address the vulnerabilities + in CVE-2021-44228 and CVE-2021-45046. Customers must follow the instructions + in notifications sent on December 18, 2021 with the subject line “Important + information about Dataproc” with Dataproc documentation. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Dataproc Metastore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Dataproc Metastore has been updated to mitigate the issues identified in + CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent + two notifications with instructions on December 17, 2021 with the subject line + “Important information regarding Log4j 2 vulnerability in your gRPC-enabled + Dataproc Metastore.” + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Datastore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Datastream + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Dialogflow Essentials (ES) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Document AI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Event Threat Detection + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Eventarc + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Filestore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Log4j 2 is contained within the Filestore service; there is a technical + control in place that mitigates the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. + Log4j 2 will be updated to the latest version as part of the scheduled rollout + in January 2022. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Firebase + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Firestore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Game Servers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Google Cloud Armor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Google Cloud Armor Managed Protection Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Google Cloud VMware Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: We are working with VMware and tracking VMSA-2021-0028.1. We will deploy + fixes as they become available. + references: + - '' + reporter: cisagov + last_updated: '2021-12-11T00:00:00' + - vendor: Google Cloud + product: Google Kubernetes Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Google Kubernetes Engine does not use Log4j 2 and is not impacted by the + issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have + introduced a separate logging solution that uses Log4j 2. We strongly encourage + customers who manage Google Kubernetes Engine environments to identify components + dependent on Log4j 2 and update them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Healthcare Data Engine (HDE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Human-in-the-Loop AI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: IoT Core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Key Access Justifications (KAJ) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Looker + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: \Looker-hosted instances have been updated to a Looker version with Log4j v2.16. + Looker is currently working with third-party driver vendors to evaluate the + impact of the Log4j vulnerability. As Looker does not enable logging for these + drivers in Looker-hosted instances, no messages are logged. We conclude that + the vulnerability is mitigated. We continue to actively work with the vendors + to deploy a fix for these drivers. Looker customers who self-manage their Looker + instances have received instructions through their technical contacts on how + to take the necessary steps to address the vulnerability. Looker customers who + have questions or require assistance, please visit Looker Support. + references: + - '' + reporter: cisagov + last_updated: '2021-12-18T00:00:00' + - vendor: Google Cloud + product: Media Translation API + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Memorystore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Migrate for Anthos + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Migrate for Compute Engine (M4CE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: M4CE has been updated to mitigate the issues identified in CVE-2021-44228 + and CVE-2021-45046. M4CE has been updated to version 4.11.9 to address the vulnerabilities. + A notification was sent to customers on December 17, 2021 with subject line + “Important information about CVE-2021-44228 and CVE-2021-45046” for M4CE V4.11 + or below. If you are on M4CE v5.0 or above, no action is needed. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Network Connectivity Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Network Intelligence Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Network Service Tiers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Persistent Disk + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Pub/Sub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Google Cloud + product: Pub/Sub Lite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate + logging solution that uses Log4j 2. We strongly encourage customers who manage + Pub/Sub Lite environments to identify components dependent on Log4j 2 and update + them to the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Google Cloud + product: reCAPTCHA Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Recommendations AI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Retail Search + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Risk Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Secret Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Security Command Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Service Directory + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Service Infrastructure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Speaker ID + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Speech-to-Text + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Speech-to-Text On-Prem + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Storage Transfer Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Talent Solution + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Text-to-Speech + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Transcoder API + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Transfer Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Video Intelligence API + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Virtual Private Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Google Cloud + product: Web Security Scanner + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Workflows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Gradle + product: Gradle + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.gradle.org/log4j-vulnerability + notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gradle + product: Gradle Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2021.3.6 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.gradle.com/advisory/2021-11 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gradle + product: Gradle Enterprise Build Cache Node + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 10.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.gradle.com/advisory/2021-11 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gradle + product: Gradle Enterprise Test Distribution Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 1.6.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.gradle.com/advisory/2021-11 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Grafana + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Grandstream + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravitee + product: Access Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.10.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravitee + product: Access Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.5.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravitee + product: API Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.10.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravitee + product: API Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.5.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravitee + product: Alert Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.5.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravitee + product: Alert Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.4.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravitee + product: Cockpit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.4.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravitee.io + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Gravwell + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Graylog + product: Graylog Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions >= 1.2.0 and <= 4.2.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.graylog.org/post/graylog-update-for-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: GreenShot + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://greenshot.atlassian.net/browse/BUG-2871 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: GSA + product: Cloud.gov + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.gov/2021/12/14/log4j-buildpack-updates/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Guidewire + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HAProxy + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.haproxy.com/blog/december-2021-log4shell-mitigation/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HarmanPro AMX + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.harmanpro.com/apache-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Boundary + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Consul + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Consul Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Nomad + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Nomad Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Packer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Terraform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Terraform Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Vagrant + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Vault + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Vault Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HashiCorp + product: Waypoint + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HCL Software + product: BigFix Compliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 2.0.1 - 2.0.4 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 + notes: Not Affected for related CVE-2021-45046 + references: + - '[Forum post with more specifics](https://forum.bigfix.com/t/bigfix-compliance-has-a-remediation-for-log4j-vulnerability-cve-2021-44228/40197)' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: HCL Software + product: BigFix Insights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 + notes: Not Affected for related CVE-2021-45046 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: HCL Software + product: BigFix Insights for Vulnerability Remediation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 + notes: Not Affected for related CVE-2021-45046 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: HCL Software + product: BigFix Inventory + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 10.0.7 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 + notes: Not Affected for related CVE-2021-45046 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: HCL Software + product: BigFix Lifecycle + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 + notes: Not Affected for related CVE-2021-45046 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: HCL Software + product: BigFix Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 + notes: Not Affected for related CVE-2021-45046 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: HCL Software + product: BigFix Patch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 + notes: Not Affected for related CVE-2021-45046 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: HelpSystems Clearswift + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.helpsystems.com/kb-nav/kb-article/?id=37becc1c-255c-ec11-8f8f-6045bd006687 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HENIX + product: Squash TM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 1.21.7 - 1.22.9 + - 2.0.3 - 2.1.5 + - 2.2.0 - 3.0.2 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tm-en.doc.squashtest.com/v3/downloads.html#download-previous-versions + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: Hexagon + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Hikvision + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Hitachi Energy + product: eSOMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hitachienergy.com/offering/solutions/cybersecurity/alerts-and-notifications + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Hitachi Vantara + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://knowledge.hitachivantara.com/Support_Information/Hitachi_Vantara_Security_Advisories/CVE-2021-44228_-_Apache_Log4j2 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: Honeywell + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:53+00:00' + - vendor: HP + product: Teradici Cloud Access Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < v113 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: HP + product: Teradici EMSDK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 1.0.6 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: HP + product: Teradici Management Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 21.10.3 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: HP + product: Teradici PCoIP Connection Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 21.03.6 + - < 20.07.4 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: HP + product: Teradici PCoIP License Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: HPE + product: 3PAR StoreServ Arrays + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: AirWave Management Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Alletra 6000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Alletra 9k + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba ClearPass Policy Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba ClearPass Policy Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba Instant (IAP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba Location Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba NetEdit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba PVOS Switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba SDN VAN Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba User Experience Insight (UXI) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Aruba VIA Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: ArubaOS-CX switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: ArubaOS-S switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: ArubaOS SD-WAN Controllers and Gateways + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: ArubaOS Wi-Fi Controllers and Gateways + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: BladeSystem Onboard Administrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Brocade 16Gb Fibre Channel SAN Switch for HPE Synergy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Brocade 16Gb SAN Switch for HPE BladeSystem c-Class + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Brocade 32Gb Fibre Channel SAN Switch for HPE Synergy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Brocade Network Advisor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: CloudAuth + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: CloudPhysics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Compute Cloud Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Compute operations manager- FW UPDATE SERVICE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: COS (Cray Operating System) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Cray Systems Management (CSM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Custom SPP Portal [Link](https://spp.hpe.com/custom) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Data Services Cloud Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Harmony Data Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HOP public services (grafana, vault, rancher, Jenkins) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE B-series SN2600B SAN Extension Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE B-series SN4000B SAN Extension Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE B-series SN6000B Fibre Channel Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE B-series SN6500B Fibre Channel Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE B-series SN6600B Fibre Channel Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE B-series SN6650B Fibre Channel Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE B-series SN6700B Fibre Channel Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Customer Experience Assurance (CEA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Hardware Support Manager plug-in for VMware vSphere Lifecycle Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Home Location Register (HLR/I-HLR) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Infosight for Servers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Integrated Home Subscriber Server (I-HSS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Intelligent Messaging (IM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Intelligent Network Server (INS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Multimedia Services Environment (MSE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE OC Convergent Communications Platform (OCCP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE OC Media Platform Media Resource Function (OCMP-MRF) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE OC Service Access Controller (OC SAC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE OC Service Controller (OCSC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE OC Universal Signaling Platform (OC-USP-M) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE OneView + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE OneView for VMware vRealize Operations (vROps) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE OneView Global Dashboard + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Performance Cluster Manager (HPCM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Performance Manager (PM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Position Determination Entity (PDE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Secure Identity Broker (SIB) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Service Activator (SA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Service Governance Framework (SGF) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Service Orchestration Manager (SOM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Service Provisioner (SP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Short Message Point-to-Point Gateway (SMPP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Slingshot + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Smart Interaction Server (SIS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE SN3000B Fibre Channel Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE SN8000B 4-Slot SAN Director Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE SN8000B 8-Slot SAN Backbone Director Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE SN8600B 4-Slot SAN Director Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE SN8600B 8-Slot SAN Director Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE SN8700B 4-Slot Director Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE SN8700B 8-Slot Director Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Subscriber, Network, and Application Policy (SNAP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Subscription Manager (SM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Synergy Image Streamer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Systems Insight Manager (SIM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Telecom Application Server (TAS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Unified Correlation and Automation (UCA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Unified Mediation Bus (UMB) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Unified OSS Console (UOC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Unified Topology Manager (UTM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Universal Identity Repository (VIR) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Universal SLA Manager (uSLAM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Virtual Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Virtual Connect Enterprise Manager (VCEM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Virtual Provisioning Gateway (vPGW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Virtual Server Environment (VSE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: HPE Virtual Subscriber Data Management (vSDM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE WebRTC Gateway Controller (WGW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: HPE + product: HPE Wi-Fi Authentication Gateway (WauG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Insight Cluster Management Utility (CMU) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Integrated Lights-Out (iLO) Amplifier Pack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Integrated Lights-Out 4 (iLO 4) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '4' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Integrated Lights-Out 5 (iLO 5) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '5' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Integrity BL860c, BL870c, BL890c + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Integrity Rx2800/Rx2900 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Integrity Superdome 2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Integrity Superdome X + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Intelligent Provisioning + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: iSUT integrated smart update tool + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Maven Artifacts (Atlas) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: MSA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: NetEdit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Nimble Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: NS-T0634-OSM CONSOLE TOOLS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: NS-T0977-SCHEMA VALIDATOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: OfficeConnect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Primera Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: RepoServer part of OPA (on Premises aggregator) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Resource Aggregator for Open Distributed Infrastructure Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: RESTful Interface Tool (iLOREST) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: SAT (System Admin Toolkit) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Scripting Tools for Windows PowerShell (HPEiLOCmdlets) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: SGI MC990 X Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: SGI UV 2000 Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: SGI UV 300, 300H, 300RL, 30EX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: SGI UV 3000 Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: SN8700B 8-Slot Director Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: StoreEasy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: StoreEver CVTL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: StoreEver LTO Tape Drives + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: StoreEver MSL Tape Libraries + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: StoreOnce + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: SUM (Smart Update Manager) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Superdome Flex 280 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: Superdome Flex Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: UAN (User Access Node) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: HOLOGIC + product: Advanced Workflow Manager (AWM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: While the Hologic software itself does not utilize Java/Log4J, the installed + APC PowerChute UPS with Business Edition v9.5 software installed may. APC is + still assessing its PowerChute software to determine if it is vulnerable. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Unifi Workspace + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: While the Hologic software itself does not utilize Java/Log4J, the installed + APC PowerChute UPS with Business Edition v9.5 software installed may. APC is + still assessing its PowerChute software to determine if it is vulnerable. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Faxitron CT Specimen Radiography System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: While the Hologic software itself does not utilize Java/Log4J, there is + a utility program installed that may utilize Java and Log4J. This utility program + does not run on startup and is not required for system operation. Please contact + Hologic Service for assistance in removing this program. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Dimensions / 3Dimensions Mammography System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Affirm Prone Biopsy System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Brevera Breast Biopsy System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Trident HD Specimen Radiography System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: SecurView DX Workstation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Cenova Image Analytics Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: SecurXChange Router + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Rosetta DC Tomosynthesis Data Converter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Faxitron Specimen Radiography Systems + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Horizon DXA Bone Densitometer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Discovery Bone Densitometer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Fluoroscan Insight Mini C-Arm + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Windows Selenia Mammography System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Huawei + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Hubspot + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: I-Net software + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: I2P + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://geti2p.net/en/blog/post/2021/12/11/i2p-unaffected-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IBA-AG + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.iba-ag.com/en/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Ibexa + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://developers.ibexa.co/security-advisories/cve-2021-44228-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IBM + product: BigFix Compliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IBM + product: BigFix Inventory + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - VM Manager Tool & SAP Tool + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: To verify if your instance is affected, go to the lib subdirectory of the + tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version + of log4j is included. Version is included in the name of the library. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IBM + product: Analytics Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: App Configuration + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: App Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: App ID + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Application Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Aspera Endpoint + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Aspera Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Aspera fasp.io + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Aspera + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Bare Metal Servers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Block Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Block Storage for VPC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Block Storage Snapshots for VPC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Case Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Certificate Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Client VPN for VPC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cloud Activity Tracker + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cloud Backup + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cloud Monitoring + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cloud Object Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cloud Object Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cloudant + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Code Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cognos Command Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cognos Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 10.4.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/support/pages/node/6526468> + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Cognos Integration Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for Elasticsearch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for etcd + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for MongoDB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for MySQL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for PostgreSQL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for RabbitMQ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for Redis + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for RethinkDB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Compose for ScyllaDB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Container Registry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Container Security Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Content Delivery Network + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Continuous Delivery + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Copy Services Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Databases for DataStax + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Databases for EDB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Databases for Elasticsearch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Databases for etcd + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Databases for MongoDB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Databases for PostgreSQL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Databases for Redis + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Datapower Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Dedicated Host for VPC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Direct Link Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Direct Link Connect on Classic + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Direct Link Dedicated (2.0) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Direct Link Dedicated Hosting on Classic + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Direct Link Dedicated on Classic + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Direct Link Exchange on Classic + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: DNS Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Emptoris Contract Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Emptoris Program Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Emptoris Sourcing + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Emptoris Spend Analysis + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Emptoris Supplier Lifecycle Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Enterprise Tape Controller Model C07 (3592) (ETC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Event Notifications + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Event Streams + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: File Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Flash System 900 (& 840) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Flow Logs for VPC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Functions + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: GSKit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Guardium S-TAP for Data Sets on z/OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Guardium S-TAP for DB2 on z/OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Guardium S-TAP for IMS on z/OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Hyper Protect Crypto Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Hyper Protect DBaaS for MongoDB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Hyper Protect DBaaS for PostgreSQL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Hyper Protect Virtual Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: i2 Analyst’s Notebook + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: i2 Base + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Application Runtime Expert for i + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Backup, Recovery and Media Services for i + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Db2 Mirror for i + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM HTTP Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM i Access Family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM i Portfolio of products under the Group SWMA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM PowerHA System Mirror for i + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Sterling Connect:Direct Browser User Interface + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Sterling Connect:Direct File Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - See Vendor Links + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerability-affects-ibm-sterling-connectdirect-for-unix-cve-2021-44228/ + notes: '' + references: + - '[https://www.ibm.com/support/pages/node/6526688](https://www.ibm.com/support/pages/node/6526688), + [https://www.ibm.com/support/pages/node/6528324](https://www.ibm.com/support/pages/node/6528324), + [https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/)' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: IBM + product: IBM Sterling Connect:Direct for HP NonStop + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Sterling Connect:Direct for i5/OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Sterling Connect:Direct for OpenVMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Sterling Connect:Express for Microsoft Windows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Sterling Connect:Express for UNIX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: IBM Sterling Connect:Express for z/OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Instana Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Timestamp lower than 12-11-2021 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.instana.io/incidents/4zgcd2gzf4jw + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: IBM + product: Internet Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Key Lifecyle Manager for z/OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Key Protect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Knowledge Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Kubernetes Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Load Balancer for VPC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Log Analysis + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Managed VMware Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Management Extender for VMware vCenter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IBM + product: Mass Data Migration + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Maximo EAM SaaS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Message Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: MQ Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: MQ on IBM Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Natural Language Understanding + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: OmniFind Text Search Server for DB2 for i + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: OPENBMC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Planning Analytics Workspace + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '>2.0.57' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/support/pages/node/6525700 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Power HMC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - V9.2.950.0 & V10.1.1010.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/support/pages/node/6526172?myns=pwrsmc&mynp=OCSGGSNP&mync=E&cm_sp=pwrsmc-_-OCSGGSNP-_-E + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: PowerSC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: PowerVM Hypervisor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: PowerVM VIOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: QRadar Advisor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Qradar Network Threat Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: QRadar SIEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Quantum Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Rational Developer for AIX and Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Rational Developer for i + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Red Hat OpenShift on IBM Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Resilient + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IBM + product: Robotic Process Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: SAN Volume Controller and Storwize Family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Satellite Infrastructure Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Schematics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Secrets Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Secure Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Server Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IBM + product: Spectrum Archive Library Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Discover + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Client Management Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: 'Spectrum Protect for Databases: Data Protection for Oracle' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: 'Spectrum Protect for Databases: Data Protection for SQL' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect for Enterprise Resource Planning + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: 'Spectrum Protect for Mail: Data Protection for Domino' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: 'Spectrum Protect for Mail: Data Protection for Exchange' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect for Workstations + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect for z/OS USS Client and API + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Plus Db2 Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Plus Exchange Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Plus File Systems Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Plus MongoDB Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Plus O365 Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Snapshot for UNIX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Spectrum Protect Snapshot for UNIX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: SQL Query + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Gentran + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Order Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for ACORD + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for Financial Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for FIX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for NACHA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for PeopleSoft + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for SAP R/3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for SEPA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for Siebel + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Pack for SWIFT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Packs for EDI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Packs for Healthcare + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Sterling Transformation Extender Trading Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Storage TS1160 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Storage TS2280 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Storage TS2900 Library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Storage TS3100-TS3200 Library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Storage TS4500 Library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Storage Virtualization Engine TS7700 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Tape System Library Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: TDMF for zOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Total Storage Service Console (TSSC) / TS4500 IMC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Transit Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Tririga Anywhere + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: TS4300 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Urbancode Deploy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Virtual Private Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Virtual Server for Classic + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Virtualization Management Interface + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: VMware Solutions + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: VMware vCenter Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: VMware vSphere + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: VPN for VPC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: vRealize Operations and Log Insight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Workload Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: ICONICS + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://iconics.com/News/Press-Releases/2021/ICONICS-Not-Subject-to-Apache-Log4j-Vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: IFS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.ifs.com/announcements-278/urgent-bulletin-ifs-advisory-ifs-products-services-and-log4j-cve-2021-44228-16436 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IGEL + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.igel.com/securitysafety/en/isn-2021-11-ums-log4j-vulnerability-54086712.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Ignite Realtime + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: iGrafx + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.igrafx.com/igrafx-thwarts-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Illuminated Cloud + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://illuminatedcloud.blogspot.com/2021/12/illuminated-cloud-2-and-log4j-security.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Illumio + product: C-VEN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: CLI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: CloudSecure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: Core on-premise PCE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: Core SaaS PCE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: Edge SaaS PCE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: Edge-CrowdStrike + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: Flowlink + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: Kubelink + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: NEN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: QRadar App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: Splunk App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Illumio + product: VEN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: IManage + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.imanage.com/hc/en-us/articles/4412696236699-ADVISORY-Security-vulnerability-CVE-2021-44228-in-third-party-component-Apache-Log4j2#h_3164fa6c-4717-4aa1-b2dc-d14d4112595e + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Imperva + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Inductive Automation + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IndustrialDefender + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.industrialdefender.com/cve-2021-44228-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: infinidat + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.infinidat.com/hc/en-us/articles/4413483145489-INFINIDAT-Support-Announcement-2021-010-Log4Shell-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: InfluxData + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.influxdata.com/blog/apache-log4j-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Infoblox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.infoblox.com/articles/Knowledge/Infoblox-NIOS-and-BloxOne-products-not-vulnerable-to-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Informatica + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Instana + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.instana.io/incidents/4zgcd2gzf4jw + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Instructure + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.canvaslms.com/t5/Community-Users/Instructure-amp-the-Apache-Log4j2-Vulnerability/ba-p/501907 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Intel + product: Audio Development Kit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: Datacenter Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: oneAPI sample browser plugin for Eclipse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: System Debugger + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: Secure Device Onboard + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: Genomics Kernel Library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: System Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: Computer Vision Annotation Tool maintained by Intel + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: Sensor Solution Firmware Development Kit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Internet Systems Consortium(ISC) + product: ISC DHCP, aka dhcpd + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.isc.org/blogs/2021-log4j/ + notes: no JAVA Code + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Internet Systems Consortium(ISC) + product: Kea DHCP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.isc.org/blogs/2021-log4j/ + notes: no JAVA Code + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Internet Systems Consortium(ISC) + product: BIND 9 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.isc.org/blogs/2021-log4j/ + notes: no JAVA Code + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: InterSystems + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intersystems.com/gt/apache-log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Intland + product: codebeamer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <= 20.11-SP11 + - <= 21.09-SP3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://codebeamer.com/cb/wiki/19872365 + notes: A fix has been released for [20.11](https://codebeamer.com/cb/wiki/13134438) + and [21.09](https://codebeamer.com/cb/wiki/19418497), but not yet for [21.04](https://codebeamer.com/cb/wiki/16937839) + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: IPRO + product: Netgovern + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: iRedMail + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.iredmail.org/topic18605-log4j-cve202144228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Ironnet + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: ISLONLINE + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.islonline.com/2021/12/13/isl-online-is-not-affected-by-log4shell-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Ivanti + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jamasoftware + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.jamasoftware.com/communities/community-home/digestviewer/viewthread?MessageKey=06d26f9c-2abe-4c10-93d4-c0f6c8a01b22&CommunityKey=c9d20d4c-5bb6-4f19-92eb-e7cee0942d51&tab=digestviewer#bm06d26f9c-2abe-4c10-93d4-c0f6c8a01b22 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jamf + product: Jamf Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 10.31.0 – 10.34.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jaspersoft + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.jaspersoft.com/wiki/apache-log4j-vulnerability-update-jaspersoft-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jedox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.jedox.com/en/trust/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jenkins + product: CI/CD Core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jenkins + product: Plugins + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ + notes: '[Instructions to test your installations in announcement](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: JetBrains + product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, + IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, + Rider, RubyMine, WebStorm) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, + dotCover, dotPeek) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: ToolBox + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: TeamCity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://youtrack.jetbrains.com/issue/TW-74298 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 2021.1.14080 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: YouTrack Standalone + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 2021.4.35970 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: YouTrack InCloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: Datalore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: Space + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jetbrains + product: Code With Me + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: Kotlin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: Ktor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: MPS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: Floating license server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '30211' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JetBrains + product: UpSource + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 2020.1.1952 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: JFROG + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jitsi + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jitterbit + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://success.jitterbit.com/display/DOC/Mitigating+the+Apache+Log4j2+JNDI+Vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: jPOS + product: (ISO-8583) bridge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Johnson Controls + product: C•CURE‐9000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 2.90.x (all 2.90 versions) + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: C•CURE‐9000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 2.80.x (all 2.80 versions) + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: C•CURE‐9000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 2.70 (All versions) + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: C•CURE‐9000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 2.60 (All versions) + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: victor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 5.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: victor/ C•CURE‐9000 Unified + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.81.x / victor 5.4.1 / C•CURE‐9000 2.80 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: victor/ C•CURE‐9000 Unified + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.91.x / victor 5.6.1 / C•CURE‐9000 2.90 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Metasys Products and Tools + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Facility Explorer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 14.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: CEM AC2000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: CEM Hardware Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Illustra Cameras + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Illustra Insight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Tyco AI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: DLS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Entrapass + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: CloudVue Web + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: CloudVue Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Qolsys IQ Panels + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: PowerSeries NEO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: PowerSeries Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Sur‐Gard Receivers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: VideoEdge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 5.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: exacqVision Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: exacqVision Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: exacqVision WebService + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: BCPro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: iSTAR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Journyx + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228- + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Jump Desktop + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.jumpdesktop.com/hc/en-us/articles/4416720395021-Log4j-CVE-2021-44228-CVE-2021-45046-Statement + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Juniper Networks + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Justice Systems + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.justicesystems.com/services/support/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: K15t + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.k15t.com/k15t-apps-and-log4shell-193401141.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: K6 + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://k6.io/blog/k6-products-not-impacted-by-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Karakun + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://board.karakun.com/viewtopic.php?f=21&t=8351 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Kaseya + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Keeper Security + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.keepersecurity.com/blog/2021/12/15/public-notice-regarding-the-apache-foundation-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: KEMP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: KEMP 2 + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228- + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Kofax + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://knowledge.kofax.com/MFD_Productivity/SafeCom/Product_Information/SafeCom_and_Log4j_vulnerability_(CVE-2021-44228) + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Konica Minolta + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.konicaminolta.de/de-de/support/log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Kronos UKG + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.kronos.com/s/feed/0D54M00004wJKHiSAO?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Kyberna + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.kyberna.com/detail/log4j-sicherheitsluecke + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: L-Soft + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - http://www.lsoft.com/news/log4jinfo.asp + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: L3Harris Geospatial + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.l3harrisgeospatial.com/Support/Self-Help-Tools/Help-Articles/Help-Articles-Detail/ArtMID/10220/ArticleID/24141/Impact-of-Log4j-Java-Security-Vulnerability-CVE-2021-44228-on-L3Harris-Geospatial-software + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Lancom Systems + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.lancom-systems.com/service-support/instant-help/general-security-information/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Lansweeper + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.lansweeper.com/vulnerability/critical-log4j-vulnerability-affects-millions-of-applications/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Laserfiche + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://answers.laserfiche.com/questions/194037/Do-any-Laserfiche-products-use-the-Apache-log4j-library#194038 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: LastPass + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.logmeininc.com/lastpass/help/log4j-vulnerability-faq-for-lastpass-universal-proxy + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: LaunchDarkly + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://launchdarkly.com/blog/audit-shows-systems-unaffected-by-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Leanix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leanix.net/en/blog/log4j-vulnerability-log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:54+00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio AT2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio AT2 DX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio CS2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio eSlide Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio GT 450 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio GT 450 DX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio ImageScope + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio ImageScope DX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio LV1 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio SAM DX Server For GT 450 DX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio Scanner Administration Manager (SAM) Server for GT 450 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio VERSA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Aperio WebViewer DX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND-ADVANCE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND-III + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND-MAX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND RX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND RXm + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: CEREBRO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: CytoVision + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: HistoCore PEARL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: HistoCore PEGASUS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: HistoCore SPECTRA CV + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: HistoCore SPECTRA ST + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: HistoCore SPIRIT ST + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: HistoCore SPRING ST + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Leica ASP300S + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Leica CV5030 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Leica ST4020 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Leica ST5010 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Leica ST5020 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: Leica TP1020 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: LIS Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: PathDX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: ThermoBrite Elite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Lenovo + product: BIOS/UEFI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Chassis Management Module 2 (CMM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Commercial Vantage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Confluent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: DSS-G + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Embedded System Management Java-based KVM clients + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Fan Power Controller (FPC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Fan Power Controller2 (FPC2) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Integrated Management Module II (IMM2) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: NetApp ONTAP Tools for VMware vSphere + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: See [NetApp](https://security.netapp.com/advisory/ntap-20211210-0007/) + advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: 'Network Switches running: Lenovo CNOS, Lenovo ENOS, IBM ENOS, or Brocade + FOS' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Storage Management utilities + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: System Management Module (SMM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: System Management Module 2 (SMM2) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: System Update + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Thin Installer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: ThinkAgile HX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: Nutanix and VMware components only; hardware not affected. See [Nutanix](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) + and [VMWare](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) + advisories. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: ThinkAgile VX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: VMware components only; hardware not affected. See [VMWare](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) + advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: ThinkSystem 2x1x16 Digital KVM Switch - Type 1754D1T + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: ThinkSystem DE Series Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: See also NetApp advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: ThinkSystem DM Series Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: See also NetApp advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: ThinkSystem DS Series Storage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: ThinkSystem Manager (TSM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Update Retriever + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: Vantage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Administrator (LXCA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Controller (XCC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Energy Manager (LXEM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Essentials (LXCE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Integrator (LXCI) for Microsoft Azure Log Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Integrator (LXCI) for Microsoft System Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Integrator (LXCI) for Nagios + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Integrator (LXCI) for ServiceNow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Integrator (LXCI) for VMware vCenter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Integrator (LXCI) for Windows Admin Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Mobile (LXCM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Orchestrator (LXCO) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: Lenovo + product: XClarity Provisioning Manager (LXPM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.lenovo.com/ca/en/product_security/len-76573 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: LeoStream + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.leostream.com/support/discussions/topics/66000507567 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Let's Encrypt + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.letsencrypt.org/t/log4j-vulnerability-cve-2021-44228/167464 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LibreNMS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.librenms.org/t/is-librenms-affected-by-vulnerable-to-cve-2021-25218-cve-2021-44228/17675/6 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LifeRay + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://liferay.dev/blogs/-/blogs/log4j2-zero-day-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LifeSize + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.lifesize.com/s/article/Apache-Log4j2-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Lightbend + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Lime CRM + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.lime-crm.com/security/lcsec21-01 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LIONGARD + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://insights.liongard.com/faq-apache-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LiquidFiles + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://mailchi.mp/liquidfiles/liquidfiles-log4j?e=%5BUNIQID%5D + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LiveAction + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://documentation.liveaction.com/LiveNX/LiveNX%2021.5.1%20Release%20Notes/Release%20Notes%20LiveNX%2021.5.1.1.3 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Loftware + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.loftware.com/lps-kb/content/log4j%20cve-2021-44228.htm?Highlight=CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LOGalyze + product: SIEM & log analyzer tool + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - v4.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sourceforge.net/software/product/LOGalyze/ + notes: 'local-log4j-vuln-scanner result: indicator for vulnerable component found + in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j + 1.2.17' + references: + - '[Forks (github.com)](https://github.com/search?q=logalyzer&s=updated&type=Repositories)' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: LogiAnalytics + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://devnet.logianalytics.com/hc/en-us/articles/4415781801751-Statement-on-Log4j-Vulnerability-CVE-2021-44228- + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LogicMonitor + product: LogicMonitor Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LogMeIn + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.logmein.com/t5/LogMeIn-Central-Discussions/LOG4J-Vulnerability/m-p/280317/highlight/true#M8327 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LogRhythm + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.logrhythm.com/t5/Product-Security/LogRhythm-Response-to-the-Apache-Log4J-Vulnerability-Log4Shell/td-p/494068 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Looker + product: Looker + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '21.0' + - '21.6' + - '21.12' + - '21.16' + - '21.18' + - '21.20' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.google.com/document/d/e/2PACX-1vQGN1AYNMHxsRQ9AZNu1bKyTGRUSK_9xkQBge-nu4p8PYvBKIYHhc3914KTfVtDFIXtDhc3k6SZnR2M/pub + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: LucaNet + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.lucanet.com/en/blog/update-vulnerability-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Lucee + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dev.lucee.org/t/lucee-is-not-affected-by-the-log4j-jndi-exploit-cve-2021-44228/9331/4 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Lyrasis + product: Fedora Repository + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.x + - 4.x + - 5.x + - 6.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo + notes: Fedora Repository is unaffiliated with Fedora Linux. Uses logback and + explicitly excludes log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: MailStore + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Maltego + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: ManageEngine + product: Servicedesk Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 11305 and below + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.manageengine.com/products/service-desk/security-response-plan.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: ManageEngine + product: AD SelfService Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Build 6.1 build 6114 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-27T00:00:00' + - vendor: ManageEngine Zoho + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: ManageEngine Zoho + product: ADManager Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: ADAudit Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: DataSecurity Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: EventLog Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: M365 Manager Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: RecoveryManager Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: Exchange Reporter Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: Log360 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: Log360 UEBA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: Cloud Security Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: M365 Security Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: Analytics Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - On-Prem + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: MariaDB + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MathWorks + product: All MathWorks general release desktop or server products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MathWorks + product: MATLAB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T00:00:00' + - vendor: Matillion + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://documentation.matillion.com/docs/security-advisory-14th-december-2021 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Matomo + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.matomo.org/t/matomo-is-not-concerned-by-the-log4j-security-breach-cve-2021-44228-discovered-on-december-2021-the-9th/44089 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Mattermost FocalBoard + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.mattermost.org/t/log4j-vulnerability-concern/12676 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: McAfee + product: Data Exchange Layer (DXL) Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Data Loss Prevention (DLP) Discover + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Data Loss Prevention (DLP) Endpoint for Mac + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Data Loss Prevention (DLP) Endpoint for Windows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Data Loss Prevention (DLP) Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Data Loss Prevention (DLP) Prevent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Endpoint Security (ENS) for Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Endpoint Security (ENS) for Mac + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Endpoint Security (ENS) for Windows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: ePolicy Orchestrator Application Server (ePO) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 5.10 CU11 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kc.mcafee.com/agent/index?page=content&id=SB10377 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: ePolicy Orchestrator Agent Handlers (ePO-AH) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Host Intrusion Prevention (Host IPS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Management of Native Encryption (MNE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Active Response (MAR) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Agent (MA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Application and Change Control (MACC) for Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Application and Change Control (MACC) for Windows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Client Proxy (MCP) for Mac + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Client Proxy (MCP) for Windows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Drive Encryption (MDE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Security for Microsoft Exchange (MSME) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Security for Microsoft SharePoint (MSMS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: McAfee Security for Microsoft Exchange (MSME) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Enterprise Security Manager (ESM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 11.5.3 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kc.mcafee.com/agent/index?page=content&id=SB10377 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Network Security Manager (NSM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Network Security Platform (NSP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Policy Auditor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Threat Intelligence Exchange (TIE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kc.mcafee.com/agent/index?page=content&id=SB10377 + notes: Latest status in linked Security Bulletin + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: Web Gateway (MWG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kc.mcafee.com/agent/index?page=content&id=SB10377 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Medtronic + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medtronic.com/xg-en/product-security/security-bulletins/log4j-vulnerabilities.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: MEINBERG + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.meinbergglobal.com/english/news/meinberg-lantime-and-microsync-systems-not-at-risk-from-log4j-security-exploit.htm + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Meltano + product: Meltano + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/meltano/meltano + notes: Project is written in Python + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Memurai + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.memurai.com/blog/apache-log4j2-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MicroFocus + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microsoft + product: Azure Application Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microsoft + product: Azure API Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microsoft + product: Azure Data lake store java + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2.3.10 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microsoft + product: Azure Data lake store java + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2.3.10 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microsoft + product: Azure DevOps Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2019.0 - 2020.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microsoft + product: Azure DevOps + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microsoft + product: Azure Traffic Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microsoft + product: Team Foundation Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2018.2+ + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Microstrategy + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Midori Global + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.midori-global.com/blog/2021/12/15/cve-2021-44228-log4shell-midori-apps-are-not-affected + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Mikrotik + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.mikrotik.com/viewtopic.php?p=897938 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Milestone sys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportcommunity.milestonesys.com/s/article/Log4J-vulnerability-faq?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Mimecast + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.mimecast.com/s/article/Mimecast-Information-for-Customers-on-the-Log4Shell-Vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Minecraft + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Mirantis + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/Mirantis/security/blob/main/news/cve-2021-44288.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Miro + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://miro.com/trust/updates/log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Mitel + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MobileIron + product: Core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All Versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US + notes: The mitigation instructions listed in a subsequent section removes a vulnerable + Java class (JNDILookUp.class) from the affected Log4J Java library and as a + result removes the ability to perform the RCE attack. The workaround needs + to be applied in a maintenance window. You will not be able to access the admin + portal during the procedure, however, end user devices will continue to function. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: MobileIron + product: Core Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All Versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US + notes: The mitigation instructions listed in a subsequent section removes a vulnerable + Java class (JNDILookUp.class) from the affected Log4J Java library and as a + result removes the ability to perform the RCE attack. The workaround needs + to be applied in a maintenance window. You will not be able to access the admin + portal during the procedure, however, end user devices will continue to function. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: MobileIron + product: Reporting Database (RDB) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All Versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US + notes: The mitigation instructions listed in a subsequent section removes a vulnerable + Java class (JNDILookUp.class) from the affected Log4J Java library and as a + result removes the ability to perform the RCE attack. The workaround needs + to be applied in a maintenance window. You will not be able to access the admin + portal during the procedure, however, end user devices will continue to function. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: MobileIron + product: Sentry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '9.13' + - '9.14' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US + notes: The mitigation instructions listed in a subsequent section removes a vulnerable + Java class (JNDILookUp.class) from the affected Log4J Java library and as a + result removes the ability to perform the RCE attack. The workaround needs + to be applied in a maintenance window. You will not be able to access the admin + portal during the procedure, however, end user devices will continue to function. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: MongoDB + product: All other components of MongoDB Atlas (including Atlas Database, Data + Lake, Charts) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MongoDB + product: MongoDB Atlas Search + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MongoDB + product: MongoDB Community Edition (including Community Server, Cloud Manager, + Community Kubernetes Operators) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MongoDB + product: MongoDB Drivers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MongoDB + product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, + Enterprise Kubernetes Operators) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MongoDB + product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MongoDB + product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas + CLI, Database Connectors) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Moodle + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://moodle.org/mod/forum/discuss.php?d=429966 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: MoogSoft + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://servicedesk.moogsoft.com/hc/en-us/articles/4412463233811?input_string=log4j+vulnerability+%7C%7C+cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Motorola Avigilon + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avigilon.com/s/article/Technical-Notification-Apache-Log4j2-vulnerability-impact-on-Avigilon-products-CVE-2021-44228?language=en_US + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Mulesoft + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Mulesoft + product: Mule Runtime + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.x + - 4.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 + notes: This advisory is available to account holders only and has not been reviewed + by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Mulesoft + product: Mule Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 + notes: This advisory is available to account holders only and has not been reviewed + by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Mulesoft + product: Cloudhub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 + notes: This advisory is available to account holders only and has not been reviewed + by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Mulesoft + product: Anypoint Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 + notes: This advisory is available to account holders only and has not been reviewed + by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: N-able + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nagios + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: NAKIVO + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.nakivo.com/index.php?/topic/7574-log4j-cve-2021-44228/&do=findComment&comment=9145 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Neo4j + product: Neo4j Graph Database + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Version >4.2 + - <4..2.12 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Netapp + product: Multiple NetApp products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.netapp.com/advisory/ntap-20211210-0007/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Netcup + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.netcup-news.de/2021/12/14/pruefung-log4j-sicherheitsluecken-abgeschlossen/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: NetGate PFSense + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.netgate.com/topic/168417/java-log4j-vulnerability-is-pfsense-affected/35 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Netwrix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.netwrix.com/netwrix_statement_on_cve_2021_44228_the_apache_log4j_vulnerability.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: New Relic + product: Containerized Private Minion (CPM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 3.0.57 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-04/ + notes: New Relic is in the process of revising guidance/documentation, however + the fix version remains sufficient. + references: + - '[Security Bulletin NR21-04](https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-04/)' + reporter: cisagov + last_updated: '2021-12-18T00:00:00' + - vendor: New Relic + product: New Relic Java Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <7.4.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.newrelic.com/docs/release-notes/agent-release-notes/java-release-notes/java-agent-743/ + notes: Initially fixed in 7.4.2, but additional vulnerability found + references: + - '[New Relic tracking](https://github.com/newrelic/newrelic-java-agent/issues/605), + covers CVE-2021-44228, CVE-2021-45046' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: NextCloud + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.nextcloud.com/t/apache-log4j-does-not-affect-nextcloud/129244 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nextflow + product: Nextflow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 21.04.0.5552 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.nextflow.io/docs/latest/index.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Nexus Group + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://doc.nexusgroup.com/pages/viewpage.action?pageId=83133294 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: NI (National Instruments) + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nice Software (AWS) EnginFRAME + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.enginframe.com/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: NinjaRMM + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://ninjarmm.zendesk.com/hc/en-us/articles/4416226194189-12-10-21-Security-Declaration-NinjaOne-not-affected-by-CVE-2021-44228-log4j- + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nomachine + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.nomachine.com/topic/apache-log4j-notification + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: NoviFlow + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://noviflow.com/noviflow-products-and-the-log4shell-exploit-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nulab + product: Backlog + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A (SaaS) + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://nulab.com/blog/company-news/log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nulab + product: Backlog Enterprise (On-premises) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 1.11.7 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://nulab.com/blog/company-news/log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nulab + product: Cacoo + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A (SaaS) + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://nulab.com/blog/company-news/log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nulab + product: Cacoo Enterprise (On-premises) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 4.0.4 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://nulab.com/blog/company-news/log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nulab + product: Typetalk + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A (SaaS) + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://nulab.com/blog/company-news/log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Nutanix + product: AHV + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: AOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - LTS (including Prism Element) + - Community Edition + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: AOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - STS (including Prism Element) + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Patched in 6.0.2.4, available on the Portal for download. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Beam + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: BeamGov + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Calm + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Calm Tunnel VM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Collector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Collector Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Data Lens + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Era + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: File Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.1.x + - 2.2.x + - 3.0+ + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Mitigated in version 3.0.1 which is available on the Portal for download. + Mitigation is available [here](https://portal.nutanix.com/kb/12499) + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Files + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Flow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Flow Security Cental + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Foundation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Frame + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: FrameGov + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: FSCVM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Insights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Karbon + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Mitigation is available [here](https://portal.nutanix.com/kb/12483) + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Karbon Platform Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Leap + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: LCM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Mine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Mitigation is available [here](https://portal.nutanix.com/kb/12484) + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Move + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: MSP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Mitigation is available [here](https://portal.nutanix.com/kb/12482) + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: NCC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: NGT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Objects + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Mitigation is available [here](https://portal.nutanix.com/kb/12482) + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Prism Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Patched in 2021-9.0.3, available on the Portal for download. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Sizer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Volumes + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Witness VM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Mitigation is available [here](https://portal.nutanix.com/kb/12491) + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: X-Ray + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Nvidia + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://nvidia.custhelp.com/app/answers/detail/a_id/5294 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: NXLog + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://nxlog.co/news/apache-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Objectif Lune + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://learn.objectiflune.com/blog/security/statement-on-log4j-vulnerability-cve-2021-4428/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OCLC + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://oclc.service-now.com/status + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Octopus + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://advisories.octopus.com/adv/December.2306508680.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Okta + product: Advanced Server Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta Access Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta AD Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta Browser Plugin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta IWA Web Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta LDAP Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta RADIUS Server Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2.17.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta Verify + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta Workflows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sec.okta.com/articles/2021/12/log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta On-Prem MFA Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 1.4.6 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Onespan + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.onespan.com/remote-code-execution-vulnerability-in-log4j2-cve-2018-11776 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Opengear + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://opengear.zendesk.com/hc/en-us/articles/4412713339419-CVE-2021-44228-aka-Log4Shell-Opengear-products-are-not-affected + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OpenMRS TALK + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OpenNMS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OpenSearch + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OpenText + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.opentext.com/support/log4j-remote-code-execution-advisory + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: Oracle + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.oracle.com/security-alerts/alert-cve-2021-44228.html + notes: The support document is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Orgavision + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.orgavision.com/neuigkeiten/sicherheitsluecke-java-library-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Osirium + product: PAM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.osirium.com/blog/apache-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Osirium + product: PEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.osirium.com/blog/apache-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Osirium + product: PPA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.osirium.com/blog/apache-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OTRS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://portal.otrs.com/external + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OVHCloud + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.ovhcloud.com/log4shell-how-to-protect-my-cloud-workloads/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OwnCloud + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://central.owncloud.org/t/owncloud-not-directly-affected-by-log4j-vulnerability/35493 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: OxygenXML + product: Author + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Developer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Editor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Oxygen Content Fusion + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '2.0' + - '3.0' + - '4.1' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Oxygen Feedback Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.4.4 & older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Oxygen License Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - v22.1 to v24.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Oxygen PDF Chemistry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - v22.1 + - '23.0' + - '23.1' + - '24.0' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Oxygen SDK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Plugins (see advisory link) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Publishing Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: Web Author + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: OxygenXML + product: WebHelp + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Palantir + product: Palantir Foundry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact to Palantir-hosted or Apollo-connected instances, and updates + have been deployed for full remediation. Disconnected customer instances may + require manual updates. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Gotham + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact to Palantir-hosted or Apollo-connected instances, and updates + have been deployed for full remediation. Disconnected customer instances may + require manual updates. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Apollo + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact, and updates have been deployed for full remediation. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir AI Inference Platform (AIP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: Fully remediated as of 1.97.0. Disconnected customer instances may require + manual updates. + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Palo-Alto Networks + product: CloudGenix + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Palo-Alto Networks-OS for Panorama + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '9.0' + - '9.1' + - '10.0' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will + be updated when hot fixes for the affected Panorama versions are available. + PAN-OS for Panorama versions 8.1, 10.1 are not affected. + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Palo-Alto Networks + product: Bridgecrew + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Cortex Data Lake + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Cortex Xpanse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Cortex XDR Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Cortex XSOAR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Expedition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: IoT Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: GlobalProtect App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Palo-Alto Networks-OS for Firewall and Wildfire + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Prisma Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Prisma Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Prisma Cloud Compute + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: Okyo Grade + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: SaaS Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: WildFire Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: WildFire Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Palo-Alto Networks + product: User-ID Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Panopto + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: PaperCut + product: PaperCut MF + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.0 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.papercut.com/support/known-issues/?id=PO-684#ng + notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted + by this. Workaround manual steps available in reference. Upgrade to PaperCut + NG/MF version 21.2.3 Now Available to resolve. + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: PaperCut + product: PaperCut NG + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.0 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.papercut.com/support/known-issues/?id=PO-684#ng + notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted + by this. Workaround manual steps available in reference. Upgrade to PaperCut + NG/MF version 21.2.3 Now Available to resolve. + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Parallels + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.parallels.com/en/128696 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Parse.ly + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.parse.ly/parse-ly-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: PBXMonitor + product: RMM for 3CX PBX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pbxmonitor.net/changelog.php + notes: Mirror Servers were also checked to ensure Log4J was not installed or being + used by any of our systems. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Pega + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pentaho + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho- + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pepperl+Fuchs + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pepperl-fuchs.com/global/en/29079.htm + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Percona + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.percona.com/blog/log4jshell-vulnerability-update/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pexip + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Phenix Id + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.phenixid.se/uncategorized/log4j-fix/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Philips + product: Multiple products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.philips.com/a-w/security/security-advisories.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: PHOENIX CONTACT + product: Physical products containing firmware + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: PHOENIX CONTACT + product: Software Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: PHOENIX CONTACT + product: Cloud Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: Partly affected. Remediations are being implemented. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Ping Identity + product: PingAccess + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.0 <= version <= 6.3.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingCentral + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.0 <= version <= 10.3.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate Java Integration Kit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2.7.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate OAuth Playground + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 4.3.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingIntelligence + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Pitney Bowes + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Planmeca + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Planon Software + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/ + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Platform.SH + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Plesk + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Plex + product: Plex Industrial IoT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: The product has been updated to Log4j version 2.15. An additional patch + is being developed to update to 2.16. No user interaction is required. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Polycom + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Portainer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: PortSwigger + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: PostGreSQL + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Postman + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228- + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Power Admin LLC + product: PA File Sight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Power Admin LLC + product: PA Storage Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Power Admin LLC + product: PA Server Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Pretix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pretix.eu/about/de/blog/20211213-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: PrimeKey + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Progress / IpSwitch + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.progress.com/security + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: ProofPoint + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2 + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: ProSeS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Prosys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://prosysopc.com/news/important-security-release/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Proxmox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: PRTG Paessler + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: PTC + product: Axeda Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.9.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358990 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: PTC + product: ThingsWorx Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '8.5' + - '9.0' + - '9.1' + - '9.2' + - All supported versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358901 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: PTC + product: ThingsWorx Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '8.5' + - '9.0' + - '9.1' + - '9.2' + - All supported versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358901 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: PTV Group + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Ivanti Connect Secure (ICS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for secure Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse Connect Secure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse Desktop Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse Mobile Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse One + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse Policy Secure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse Secure Services Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse Secure Virtual Traffic Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse Secure Web Application Firewall + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Pulse ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Puppet + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pure Storage + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for secure Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Pure Storage + product: FlashBlade + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.1.x + - 3.2.x + - 3.3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/24/2021 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Flash Array + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.3.x + - 6.0.x + - 6.1.x + - 6.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/20/2021 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Cloud Blockstore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - CBS6.1.x + - CBS6.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/27/2021 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Pure1 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: PortWorx + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.8.0+ + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Pyramid Analytics + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: QF-Test + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: Qlik + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:55+00:00' + - vendor: QMATIC + product: Orchestra Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 6.0+ + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: QMATIC + product: Appointment Booking + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.4+ + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + notes: Update to v. 2.8.2 which contains log4j 2.16 + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: QMATIC + product: Insights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Cloud + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + notes: log4j 2.16 applied 2021-12-16 + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: QMATIC + product: Appointment Booking + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Cloud/Managed Service + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + notes: log4j 2.16 applied 2021-12-15 + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: QNAP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.qnap.com/en-uk/security-advisory/qsa-21-58 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: QOPPA + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kbdeveloper.qoppa.com/cve-2021-44228-apache-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: QSC Q-SYS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: QT + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Quest Global + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: R + product: R + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 4.1.1 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.r-project.org/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: R2ediviewer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Radware + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.radware.com/app/answers/answer_view/a_id/1029752 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Rapid7 + product: AlcidekArt, kAdvisor, and kAudit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: AppSpider Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: AppSpider Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Insight Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightAppSec Scan Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightAppSec Scan Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightCloudSec/DivvyCloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightConnect Orchestrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightIDR Network Sensor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightIDR/InsightOps Collector & Event Sources + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps DataHub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - InsightOps DataHub <= 2.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) + using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps non-Java logging libraries + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps r7insight_java logging library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <=3.0.8 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM Kubernetes Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” + packaged in them. This is a different library than log4j-core and is not vulnerable + to Log4Shell. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” + packaged in them. This is a different library than log4j-core and is not vulnerable + to Log4Shell. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: IntSights virtual appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Logentries DataHub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: 'Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). + Windows: Run version 1.2.0.822 in a Docker container or as a Java command per + these [instructions](https://docs.logentries.com/docs/datahub-windows). You + can find more details [here](https://docs.logentries.com/docs/datahub-linux).' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Logentries le_java logging library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'All versions: this is a deprecated component' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Metasploit Framework + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Metasploit Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Metasploit Pro ships with log4j but has specific configurations applied + to it that mitigate Log4Shell. A future update will contain a fully patched + version of log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: tCell Java Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Velociraptor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Raritan + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.raritan.com/support + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Ravelin + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Real-Time Innovations (RTI) + product: Distributed Logger + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: Recording Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Administration Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Code Generator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Code Generator Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Micro Application Generator (MAG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - as part of RTI Connext Micro 3.0.0 + - 3.0.1 + - 3.0.2 + - 3.0.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Micro Application Generator (MAG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - as part of RTI Connext Professional 6.0.0 and 6.0.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Enterprise Application Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4)\ + \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ + \ affected." + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Process Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches)\ + \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ + \ affected." + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat CodeReady Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 12.21.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Data Grid + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '8' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Integration Camel K + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Integration Camel Quarkus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss A-MQ Streaming + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Fuse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Vert.X + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '4' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 3.11 + product: openshift3/ose-logging-elasticsearch5 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-logging-elasticsearch6 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-metering-hive + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-metering-presto + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Logging + product: logging-elasticsearch6-container + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Single Sign-On + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '6' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '8' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat build of Quarkus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Decision Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat Software Collections + product: rh-java-common-log4j + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-maven35-log4j12 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-maven36-log4j12 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: log4j-core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Satellite 5 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Spacewalk + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Enterprise Application Platform Expansion Pack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat OpenStack Platform 13 (Queens) + product: opendaylight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: End of Life + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Red5Pro + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RedGate + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: ResMed + product: myAir + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.resmed.com/en-us/security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: ResMed + product: AirView + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.resmed.com/en-us/security/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Redis + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://redis.com/security/notice-apache-log4j2-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Reiner SCT + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: ReportURI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Respondus + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.respondus.com/support/index.php?/News/NewsItem/View/339 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Revenera / Flexera + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Ricoh + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ricoh.com/info/2021/1215_1/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RingCentral + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ringcentral.com/trust-center/security-bulletin.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Riverbed + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportkb.riverbed.com/support/index?page=content&id=S35645 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Rockwell Automation + product: FactoryTalk Analytics DataFlowML + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.00.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: FactoryTalk Analytics DataView + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.03.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: Industrial Data Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Gen 1 + - Gen 2 + - Gen 3 + - Gen 3.5 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: MES EIG + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.03.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: Customers should upgrade to EIG Hub if possible or work with their local + representatives about alternative solutions. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: VersaVirtual + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Series A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: Warehouse Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.01.00 + - 4.02.00 + - 4.02.01 + - 4.02.02 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Rollbar + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rollbar.com/blog/log4j-zero-day-2021-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Rosette.com + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RSA + product: SecurID Authentication Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RSA + product: SecurID Authentication Manager Prime + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RSA + product: SecurID Authentication Manager WebTier + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RSA + product: SecurID Governance and Lifecycle + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RSA + product: SecurID Governance and Lifecycle Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RSA + product: SecurID Identity Router + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: RSA Netwitness + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Rstudioapi + product: Rstudioapi + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '0.13' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/rstudio/rstudioapi + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Rubrik + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Ruckus + product: Virtual SmartZone (vSZ) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.1 to 6.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.ruckuswireless.com/security_bulletins/313 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: RunDeck by PagerDuty + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.rundeck.com/docs/history/CVEs/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: PagerDuty + product: PagerDuty SaaS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pagerduty.com/docs/pagerduty-log4j-zero-day-vulnerability + notes: We currently see no evidence of compromises on our platform. Our teams + continue to monitor for new developments and for impacts on sub-processors and + dependent systems. PagerDuty SaaS customers do not need to take any additional + action for their PagerDuty SaaS environment + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Runecast + product: Runecast Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 6.0.3 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.runecast.com/release-notes + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SAE-IT + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SAFE FME Server + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SAGE + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SailPoint + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Salesforce + product: Analytics Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Analytics Cloud is reported to be affected by CVE-2021-44228. Services + have been updated to mitigate the issues identified in CVE-2021-44228 and we + are executing our final validation steps."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: B2C Commerce Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The + service is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: ClickSoftware (As-a-Service) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. + The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: ClickSoftware (On-Premise) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Please contact Customer Support."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Community Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Community Cloud is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Data.com + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Data.com is reported to be affected by CVE-2021-44228. The service has + a mitigation in place and is being updated to remediate the vulnerability identified in + CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: DataLoader + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - <=53.0.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Salesforce + product: Datorama + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Datorama is reported to be affected by CVE-2021-44228. The service has + a mitigation in place and is being updated to remediate the vulnerability identified in + CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Evergage (Interaction Studio) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. + Services have been updated to mitigate the issues identified in CVE-2021-44228 + and we are executing our final validation steps."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Force.com + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Force.com is reported to be affected by CVE-2021-44228. The service is + being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Heroku + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Heroku is reported to not be affected by CVE-2021-44228; no further action + is necessary at this time."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Marketing Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Marketing Cloud is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: MuleSoft (Cloud) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: MuleSoft (On-Premise) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Please contact Customer Support."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Pardot + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Pardot is reported to be affected by CVE-2021-44228. The service is being + updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Sales Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Sales Cloud is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Service Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Service Cloud is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Slack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Slack is reported to be affected by CVE-2021-44228. The service has a + mitigation in place and is being updated to remediate the vulnerability identified in + CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Social Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Social Studio is reported to be affected by CVE-2021-44228. The service + has a mitigation in place and is being updated to remediate the vulnerability + identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Tableau (On-Premise) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 2021.4.1 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell + notes: Fixed in 2021.4.1 + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Salesforce + product: Tableau (Online) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Tableau (Online) is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Sangoma + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.sangoma.com/community/s/article/Log4Shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SAP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: SAP Advanced Platform + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://launchpad.support.sap.com/#/notes/3130698 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: SAP BusinessObjects + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/ + notes: The support document is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: SAS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SASSAFRAS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sassafras.com/log4j-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Savignano software solutions + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://savignano.atlassian.net/wiki/spaces/SNOTIFY/blog/2021/12/13/2839740417/No+Log4j+Vulnerability+in+S+Notify + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SBT + product: SBT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <1.5.6 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/sbt/sbt/releases/tag/v1.5.7 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: ScaleComputing + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.scalecomputing.com/s/article/Apache-Log4j-Vulnerability + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: ScaleFusion MobileLock Pro + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.mobilock.in/article/t9sx43yg44-scalefusion-security-advisory-for-apache-log-4-j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Schneider Electric + product: EcoStruxure IT Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - V1.5.0 to V1.13.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: EcoStruxure IT Expert + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Facility Expert Small Business + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Wiser by SE platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: EASYFIT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Ecoreal XL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Eurotherm Data Reviewer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - V3.0.2 and prior + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: MSE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: NetBotz750/755 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Software versions 5.0 through 5.3.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: NEW630 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK BOM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK-Docgen + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK-TNC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK-UMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK3D2DRenderer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK3D360Widget + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Select and Config DATA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SNC-API + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SNC-CMM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SNCSEMTECH + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SPIMV3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SWBEditor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SWBEngine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Schweitzer Engineering Laboratories + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://selinc.com/support/security-notifications/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: SCM Manager + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://scm-manager.org/blog/posts/2021-12-13-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: ScreenBeam + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://customersupport.screenbeam.com/hc/en-us/articles/4416468085389-December-2021-Security-Alert-Log4j-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SDL worldServer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://gateway.sdl.com/apex/communityknowledge?articleName=000017707 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Seagull Scientific + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SecurePoint + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Security Onion + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Securonix + product: SNYPR Application + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: Next Gen SIEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf + notes: Patching ongoing as of 12/10/2021 + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: User and Entity Behavior Analytics(UEBA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf + notes: Patching ongoing as of 12/10/2021 + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: Security Analytics and Operations Platform (SOAR) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf + notes: Patching ongoing as of 12/10/2021 + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: Extended Detection and Response (XDR) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf + notes: Patching ongoing as of 12/10/2021 + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: Seeburger + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open + notes: This advisory is avaiable to customers only and has not been reviewed by + CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SentinelOne + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Sentry + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SEP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Server Eye + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: ServiceNow + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Shibboleth + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - http://shibboleth.net/pipermail/announce/2021-December/000253.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Shibboleth + product: All Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Identity Provider>=3.0 + - All other software versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://shibboleth.net/pipermail/announce/2021-December/000253.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: Shopify + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Siebel + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Siemens + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + reporter: cisagov + last_updated: '2021-12-19T00:00:00' + - vendor: Siemens Energy + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Siemens Energy + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Siemens Energy + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Siemens Healthineers + product: ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: If you have determined that your Atellica Data Manager has a “Java communication + engine” service, and you require an immediate mitigation, then please contact + your Siemens Customer Care Center or your local Siemens technical support representative. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: CENTRALINK v16.0.2 / v16.0.3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: If you have determined that your CentraLink has a “Java communication engine” + service, and you require a mitigation, then please contact your Siemens Customer + Care Center or your local Siemens technical support representative. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: DICOM Proxy VB10A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Somatom Scope Som5 VC50 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Somatom Emotion Som5 VC50 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.All, Som10 VA20 / VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Fit, Som10 VA30 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Now, Som10 VA10 / VA20 / VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Open Pro, Som10 VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Sim, Som10 VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Up, Som10 VA10 / VA20 / VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA + 3T NUMARIS/X VA30A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Altea NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X + VA31A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Amira NUMARIS/X VA12M + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Free.Max NUMARIS/X VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Lumina NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Sempra NUMARIS/X VA12M + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Sola fit NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Sola NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Vida fit NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Vida NUMARIS/X VA10A* / VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Syngo MobileViewer VA10A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: The vulnerability will be patch/mitigated in upcoming releases\patches. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 + / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 + - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: Please contact your Customer Service to get support on mitigating the vulnerability. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 + - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B + / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 + / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Cios Select FD/I.I. VA21 / VA21-S3P + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Cios Flow S1 / Alpha / Spin VA30 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: syngo.via WebViewer VA13B / VA20A / VA20B + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: X.Ceed Somaris 10 VA40* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: X.Cite Somaris 10 VA30*/VA40* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Sierra Wireless + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Signald + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://gitlab.com/signald/signald/-/issues/259 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Silver Peak + product: Orchestrator, Silver Peak GMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf + notes: Customer managed Orchestrator and legacy GMS products are affected by this + vulnerability. This includes on-premise and customer managed instances running + in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective + Action Required for details about how to mitigate this exploit. + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' + - vendor: SingleWire + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.singlewire.com/s/article/Apache-Log4j2-vulnerability-CVE-2021-44228 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Sitecore + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1001391 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Skillable + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://skillable.com/log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SLF4J + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - http://slf4j.org/log4shell.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Slurm + product: Slurm + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 20.11.8 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://slurm.schedmd.com/documentation.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: SmartBear + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://smartbear.com/security/cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SmileCDR + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Snakemake + product: Snakemake + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 6.12.1 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://snakemake.readthedocs.io/en/stable/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: Sn0m + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Snow Software + product: Snow Commander + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 8.1 to 8.10.2 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Snow Software + product: VM Access Proxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - v3.1 to v3.6 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Snowflake + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Snyk + product: Cloud Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://updates.snyk.io/snyk%27s-cloud-platform-all-clear-from-log4j-exploits-216499 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Software AG + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: SolarWinds + product: Database Performance Analyzer (DPA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2021.1.x + - 2021.3.x + - 2022.1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 + notes: 'For more information, please see the following KB article: [link](https://support.solarwinds.com/SuccessCenter/s/article/Database-Performance-Analyzer-DPA-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: SolarWinds + product: Orion Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: SolarWinds + product: Server & Application Monitor (SAM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - SAM 2020.2.6 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 + notes: 'For more information, please see the following KB article for the latest + details specific to the SAM hotfix: [link](https://support.solarwinds.com/SuccessCenter/s/article/Server-Application-Monitor-SAM-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)' + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: SonarSource + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Sonatype + product: All Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All Versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.sonatype.com/docs/important-announcements/sonatype-product-log4j-vulnerability-status + notes: Sonatype uses logback as the default logging solution as opposed to log4j. + This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository + OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the + reported log4j vulnerabilities. We still advise keeping your software upgraded + at the latest version. + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T00:00:00' + - vendor: SonicWall + product: Capture Client & Capture Client Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the Capture Client. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Access Points + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the SonicWall Access Points + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Capture Security Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the Capture Security appliance. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: CAS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Email Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: ES 10.0.11 and earlier versions are impacted + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: SonicWall + product: Gen5 Firewalls (EOS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the appliance. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Gen6 Firewalls + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the appliance. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Gen7 Firewalls + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the appliance. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: GMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: MSW + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Mysonicwall service doesn't use Log4j + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: NSM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: NSM On-Prem and SaaS doesn't use a vulnerable version + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: SMA 100 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the SMA100 appliance. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: SMA 1000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Version 12.1.0 and 12.4.1 doesn't use a vulnerable version + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: SonicCore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: SonicCore doesn't use a Log4j2 + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: SonicWall Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the SonicWall Switch. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: WAF + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: WNM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the WNM. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: WXA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: WXA doesn't use a vulnerable version + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Cloud Optix + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Users may have noticed a brief outage around 12:30 GMT as updates were + deployed. There was no evidence that the vulnerability was exploited and to + our knowledge no customers are impacted. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Reflexion + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Reflexion does not run an exploitable configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: SG UTM (all versions) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos SG UTM does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: SG UTM Manager (SUM) (all versions) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: SUM does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos Central does not run an exploitable configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Firewall (all versions) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos Firewall does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Home + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos Home does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable + configuration. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Mobile EAS Proxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 9.7.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers + will need to download and install version 9.7.2, available from Monday December + 13, 2021, on the same machine where it is currently running. PowerShell mode + is not affected. Customers can download the Standalone EAS Proxy Installer version + 9.7.2 from the Sophos website. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos ZTNA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos ZTNA does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: SOS Berlin + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Spambrella + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spambrella.com/faq/status-of-spambrella-products-with-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Spigot + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Splunk + product: Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.2.0 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.0.0 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.0.0 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Data Stream Processor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - DSP 1.0.x + - DSP 1.1.x + - DSP 1.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: IT Essentials Work [App ID 5403](https://splunkbase.splunk.com/app/5403/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '4.11' + - 4.10.x (Cloud only) + - 4.9.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: IT Service Intelligence (ITSI) [App ID 1841](https://splunkbase.splunk.com/app/1841/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.11.0 + - 4.10.x (Cloud only) + - 4.9.x + - 4.8.x (Cloud only) + - 4.7.x + - 4.6.x + - 4.5.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Connect for Kafka + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions prior to 2.0.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Enterprise (including instance types like Heavy Forwarders) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. + See Removing Log4j from Splunk Enterprise below for guidance on unsupported + versions. + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Enterprise Amazon Machine Image (AMI) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - See Splunk Enterprise + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Enterprise Docker Container + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - See Splunk Enterprise + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Logging Library for Java + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.11.0 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.0.3 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk OVA for VMWare Metrics [App ID 5096](https://splunkbase.splunk.com/app/5096/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.2.1 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.1.1 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk On-call / VictorOps + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Real User Monitoring + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Application Performance Monitoring + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Infrastructure Monitoring + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Log Observer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk Synthetics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Splunk + product: Splunk UBA OVA Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.0.3a + - 5.0.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T09:25:00-08:00' + - vendor: Sprecher Automation + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sprecher-automation.com/en/it-security/security-alerts + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Spring + product: Spring Boot + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot + notes: Spring Boot users are only affected by this vulnerability if they have + switched the default logging system to Log4J2 + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: Spring Boot + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: StarDog + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.stardog.com/t/stardog-7-8-1-available/3411 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:56+00:00' + - vendor: STERIS + product: Advantage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Advantage Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: DSD Edge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: EndoDry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RapidAER + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Endora + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Canexis 1.0 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: ConnectoHIS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: ScopeBuddy+ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: DSD-201, + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: CER Optima + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Renatron + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: ConnectAssure Technology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: SPM Surgical Asset Tracking Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: CS-iQ Sterile Processing Workflow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 2000 SERIES WASHER DISINFECTORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 3000 SERIES WASHER DISINFECTORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 5000 SERIES WASHER DISINFECTORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 7000 SERIES WASHER DISINFECTORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE 444 WASHER DISINFECTOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE SYNERGY WASHER DISINFECTOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 400 MEDIUM STEAM STERILIZER + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 400 SMALL STEAM STERILIZERS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 600 MEDIUM STEAM STERILIZER + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO CENTURY MEDIUM STEAM STERILIZER + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO CENTURY SMALL STEAM STERILIZER + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO EAGLE 3000 SERIES STAGE 3 STEAM STERILIZERS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO EVOLUTION FLOOR LOADER STEAM STERILIZER + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO EVOLUTION MEDIUM STEAM STERILIZER + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: CELERITY HP INCUBATOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: CELERITY STEAM INCUBATOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: SYSTEM 1 endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: V-PRO 1 LOW TEMPERATURE STERILIZATION SYSTEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: V-PRO 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: V-PRO MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: V-PRO MAX LOW TEMPERATURE STERILIZATION SYSTEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: V-PRO S2 LOW TEMPERATURE STERILIZATION SYSTEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: SecureCare ProConnect Technical Support Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: HexaVue Integration System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: IDSS Integration System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Harmony iQ Integration Systems + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: HexaVue + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Connect Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Harmony iQ Perspectives Image Management System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Clarity Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Situational Awareness for Everyone Display (S.A.F.E.) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RealView Visual Workflow Management System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: ReadyTracker + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Sterling Order IBM + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/support/pages/node/6525544 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Storagement + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.storagement.de/index.php?action=topicofthemonth&site=log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: StormShield + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.stormshield.com/news/log4shell-security-alert-stormshield-product-response/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: StrangeBee TheHive & Cortex + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.strangebee.com/apache-log4j-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Stratodesk + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - http://cdn.stratodesk.com/repository/notouch-center/10/4.5.231/0/ReleaseNotes-Stratodesk-NoTouch_Center-4.5.231.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Strimzi + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://strimzi.io/blog/2021/12/14/strimzi-and-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Stripe + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.stripe.com/questions/update-for-apache-log4j-vulnerability-(cve-2021-44228) + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Styra + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.styra.com/blog/newest-log4j-security-vulnerability-cve-2021-44228-log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Sumologic + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.google.com/document/d/e/2PACX-1vSdeODZ2E5k0aZgHm06OJWhDQWgtxxB0ZIrTsuQjg5xaoxlogmTVGdOWoSFtDlZBdHzY6ET6k6Sk-g1/pub + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: SumoLogic + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.sumologic.com/Release-Notes/Collector-Release-Notes#december-11-2021-19-361-12 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Superna EYEGLASS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://manuals.supernaeyeglass.com/project-technical-advisories-all-products/HTML/technical-advisories.html#h2__1912345025 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Suprema Inc + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.supremainc.com/en/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: SUSE + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.suse.com/c/suse-statement-on-log4j-log4shell-cve-2021-44228-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Sweepwidget + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sweepwidget.com/view/23032-v9f40ns1/4zow83-23032 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Swyx + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://service.swyx.net/hc/de/articles/4412323539474 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Synchro MSP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.syncromsp.com/t/log4j-rce-cve-2021-4428/1350 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Syncplify + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.syncplify.com/no-we-are-not-affected-by-log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Synology + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.synology.com/en-global/security/advisory/Synology_SA_21_30 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Synopsys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Syntevo + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.syntevo.com/blog/?p=5240 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: SysAid + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sysaid.com/lp/important-update-regarding-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Sysdig + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sysdig.com/blog/cve-critical-vulnerability-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Tableau + product: Tableau Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'The following versions and lower: 2021.4' + - 2021.3.4 + - 2021.2.5 + - 2021.1.8 + - 2020.4.11 + - 2020.3.14 + - 2020.2.19 + - 2020.1.22 + - 2019.4.25 + - 2019.3.26 + - 2019.2.29 + - 2019.1.29 + - 2018.3.29 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Tableau + product: Tableau Desktop + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'The following versions and lower: 2021.4' + - 2021.3.4 + - 2021.2.5 + - 2021.1.8 + - 2020.4.11 + - 2020.3.14 + - 2020.2.19 + - 2020.1.22 + - 2019.4.25 + - 2019.3.26 + - 2019.2.29 + - 2019.1.29 + - 2018.3.29 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Tableau + product: Tableau Prep Builder + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'The following versions and lower: 22021.4.1' + - 2021.3.2 + - 2021.2.2 + - 2021.1.4 + - 2020.4.1 + - 2020.3.3 + - 2020.2.3 + - 2020.1.5 + - 2019.4.2 + - 2019.3.2 + - 2019.2.3 + - 2019.1.4 + - 2018.3.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Tableau + product: Tableau Public Desktop Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'The following versions and lower: 2021.4' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Tableau + product: Tableau Reader + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'The following versions and lower: 2021.4' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Tableau + product: Tableau Bridge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'The following versions and lower: 20214.21.1109.1748' + - 20213.21.1112.1434 + - 20212.21.0818.1843 + - 20211.21.0617.1133 + - 20204.21.0217.1203 + - 20203.20.0913.2112 + - 20202.20.0721.1350 + - 20201.20.0614.2321 + - 20194.20.0614.2307 + - 20193.20.0614.2306 + - 20192.19.0917.1648 + - 20191.19.0402.1911 + - 20183.19.0115.1143 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Talend + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://jira.talendforge.org/browse/TCOMP-2054 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Tanium + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tanium.my.salesforce.com/sfc/p/#60000000IYkG/a/7V000000PeT8/8C98AHl7wP5_lpUwp3qmY5sSdwXx6wG6LE4gPYlxO8c + notes: Tanium does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-21T00:00:00' + - vendor: TealiumIQ + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: TeamPasswordManager + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://teampasswordmanager.com/blog/log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Teamviewer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.teamviewer.com/en/trust-center/security-bulletins/hotfix-log4j2-issue/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Tech Software + product: OneAegis (f/k/a IRBManager) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.techsoftware.com/hc/en-us/articles/4412825948179 + notes: OneAegis does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Tech Software + product: SMART + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.techsoftware.com/hc/en-us/articles/4412825948179 + notes: SMART does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Tech Software + product: Study Binders + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.techsoftware.com/hc/en-us/articles/4412825948179 + notes: Study Binders does not use Log4j. + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: TechSmith + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.techsmith.com/hc/en-us/articles/4416620527885?input_string=log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Telestream + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - http://www.telestream.net/telestream-support/Apache-Log4j2-Bulletin.htm + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Tenable + product: Tenable.io / Nessus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.tenable.com/log4j + notes: None of Tenable’s products are running the version of Log4j vulnerable + to CVE-2021-44228 or CVE-2021-45046 at this time + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Thales + product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Cloud Key Manager (CCKM) Embedded + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Database Protection + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Transparent Encryption (CTE/VTE/CTE-U) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Vaultless Tokenization (CTS, CT-VL) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Data Protection on Demand + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Data Security Manager (DSM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: KeySecure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Luna EFT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Luna Network, PCIe, Luna USB HSM and backup devices + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Luna SP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: ProtectServer HSMs + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet Authentication Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet IDPrime Virtual + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet eToken (all products) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet IDPrime(all products) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet LUKS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet ProtectApp (PA) CAPI, .Net & Net Core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet ProtectDB (PDB) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet ProtectV + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Safenet ProtectFile and ProtectFile- Fuse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet Transform Utility (TU) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet Trusted Access (STA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet PKCS#11 and TDE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet SQL EKM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SAS on Prem (SPE/PCE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel EMS Enterprise OnPremise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel ESDaaS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel Up + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel RMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel Connect + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel Superdog, SuperPro, UltraPro, SHK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel HASP, Legacy dog, Maze, Hardlock + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel Envelope + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Thales payShield 9000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Thales payShield 10k + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Thales payShield Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Vormetirc Key Manager (VKM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Vormetric Application Encryption (VAE) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Vormetric Protection for Terradata Database (VPTD) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Vormetric Tokenization Server (VTS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: payShield Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CADP/SafeNet Protect App (PA) - JCE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Batch Data Transformation (BDT) 2.3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Cloud Key Manager (CCKM) Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust/SafeNet PDBCTL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Crypto Command Center (CCC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet Vaultless Tokenization + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel LDK EMS (LDK-EMS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel LDKaas (LDK-EMS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel EMS Enterprise aaS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel Professional Services components (both Thales hosted & hosted + on-premises by customers) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel SCL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Thales Data Platform (TDP)(DDC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Thermo-Calc + product: Thermo-Calc + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 2022a + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/ + notes: Use the program as normal, Install the 2022a patch when available + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Thermo-Calc + product: Thermo-Calc + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 2021b + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/ + notes: Use the program as normal + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Thermo-Calc + product: Thermo-Calc + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 2018b to 2021a + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/ + notes: Use the program as normal, delete the Log4j 2 files in the program installation + if required, see advisory for instructions. + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Thermo-Calc + product: Thermo-Calc + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 2018a and earlier + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/ + notes: Use the program as normal + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Thermo Fisher Scientific + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Thomson Reuters + product: HighQ Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <3.5 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://highqsolutions.zendesk.com + notes: Reported by vendor - Documentation is in vendor's client portal (login + required). This advisory is available to customer only and has not been reviewed + by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: ThreatLocker + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://threatlocker.kb.help/log4j-vulnerability/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: ThycoticCentrify + product: Secret Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: Privilege Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: Account Lifecycle Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: Privileged Behavior Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: DevOps Secrets Vault + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: Connection Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: Password Reset Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: Cloud Suite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-10T00:00:00' + - vendor: Tibco + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Top Gun Technology (TGT) + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.topgun-tech.com/technical-bulletin-apache-software-log4j-security-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: TopDesk + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.topdesk.com/tas/public/ssp/content/detail/knowledgeitem?unid=74952771dfab4b0794292e63b0409314 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Topicus Security + product: Topicus KeyHub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.topicus-keyhub.com/topicus-keyhub-is-not-vulnerable-to-cve-2021-44228/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-20T00:00:00' + - vendor: Topix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.topix.de/de/technik/systemfreigaben.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Tosibox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://helpdesk.tosibox.com/support/solutions/articles/2100050946-security-advisory-on-vulnerability-in-apache-log4j-library-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: TPLink + product: Omega Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Linux/Windows(all) + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.tp-link.com/us/support/faq/3255 + notes: 'Update is Beta. Reddit: overwritten vulnerable log4j with 2.15 files as + potential workaround. Though that should now be done with 2.16' + references: + - '[Tp Community Link](https://community.tp-link.com/en/business/forum/topic/514452),[Reddit + Link](https://www.reddit.com/r/TPLink_Omada/comments/rdzvlp/updating_the_sdn_to_protect_against_the_log4j)' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: TrendMicro + product: All + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://success.trendmicro.com/solution/000289940 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Tricentis Tosca + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support-hub.tricentis.com/open?number=NEW0001148&id=post + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Tripwire + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.tripwire.com/log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Trimble + product: eCognition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 10.2.0 Build 4618 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: Remediation steps provided by Trimble + references: + - '' + reporter: cisagov + last_updated: '2021-12-23T00:00:00' + - vendor: TrueNAS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.truenas.com/community/threads/log4j-vulnerability.97359/post-672559 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Tufin + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://portal.tufin.com/articles/SecurityAdvisories/Apache-Log4Shell-Vulnerability-12-12-2021 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: TYPO3 + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://typo3.org/article/typo3-psa-2021-004 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Ubiquiti + product: UniFi Network Application + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.5.53 & lower versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Ubiquiti + product: UniFi Network Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.5.54 & lower versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e + notes: '' + references: + - 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation + for mitigatin log4j vulnerabilities by updating to log4j 2.16.0 + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Ubuntu + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://ubuntu.com/security/CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Umbraco + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: UniFlow + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.uniflow.global/en/security/security-and-maintenance/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Unify ATOS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://networks.unify.com/security/advisories/OBSO-2112-01.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Unimus + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.unimus.net/viewtopic.php?f=7&t=1390#top + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: UiPath + product: InSights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '20.10' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.uipath.com/legal/trust-and-security/cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: USSIGNAL MSP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://ussignal.com/blog/apache-log4j-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: VArmour + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Varian + product: Acuity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: DITC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ARIA Connect (Cloverleaf) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ARIA oncology information system for Medical Oncology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: XMediusFax for ARIA oncology information system for Medical Oncology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ARIA oncology information system for Radiation Oncology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ARIA eDOC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: XMediusFax for ARIA oncology information system for Radiation Oncology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ARIA Radiation Therapy Management System (RTM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Bravos Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Clinac + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Cloud Planner + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: DoseLab + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Eclipse treatment planning software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ePeerReview + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Ethos + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: FullScale oncology IT solutions + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Halcyon system + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Identify + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Information Exchange Manager (IEM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: InSightive Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Large Integrated Oncology Network (LION) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ICAP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Mobius3D platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ProBeam + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Qumulate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Real-time Position Management (RPM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Respiratory Gating for Scanners (RGSC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: SmartConnect solution + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: 'See Knowledge Article: 000038850 on MyVarian' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: SmartConnect solution Policy Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: 'See Knowledge Articles: 000038831 and 000038832 on MyVarian' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: PaaS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: TrueBeam radiotherapy system + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: UNIQUE system + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Varian Authentication and Identity Server (VAIS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Varian Managed Services Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Varian Mobile App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '2.0' + - '2.5' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: VariSeed + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Velocity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: VitalBeam radiotherapy system + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: Vitesse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Varnish Software + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.varnish-software.com/security/CVE-2021-44228-45046/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Varonis + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.varonis.com/s/article/Apache-Log4j-Zero-Day-Vulnerability-CVE-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Veeam + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.veeam.com/kb4254 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Venafi + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.venafi.com/hc/en-us/articles/4416213022733-Log4j-Zero-Day-Vulnerability-notice + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Veritas NetBackup + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.veritas.com/content/support/en_US/article.100052070 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Vertica + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.vertica.com/discussion/242512/vertica-security-bulletin-a-potential-vulnerability-has-been-identified-apache-log4j-library-used + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Viso Trust + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.visotrust.com/viso-trust-statement-re-cve-2021-44228-log4j-a4b9b5767492 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: VMware + product: API Portal for VMware Tanzu + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: App Metrics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: Healthwatch for Tanzu Application Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.x + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: Single Sign-On for VMware Tanzu Application Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: Spring Cloud Gateway for Kubernetes + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: Spring Cloud Gateway for VMware Tanzu + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: Spring Cloud Services for VMware Tanzu + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Carbon Black Cloud Workload Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Carbon Black EDR Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.x + - 6.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Cloud Foundation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.x + - 3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware HCX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.x + - 3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Horizon + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.x + - 7.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '[VMware KB 87073 (vmware.com)](https://kb.vmware.com/s/article/87073)' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: VMware + product: VMware Horizon Cloud Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.x + - 2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Horizon DaaS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 9.1.x + - 9.0.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Identity Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware NSX-T Data Centern + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.x + - 2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Site Recovery Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Tanzu Application Service for VMs + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Tanzu GemFire + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 9.x + - 8.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Tanzu Greenplum + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Tanzu Kubernetes Grid Integrated Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Tanzu Observability by Wavefront Nozzle + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.x + - 2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Tanzu Operations Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Tanzu SQL with MySQL for VMs + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.x + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Telco Cloud Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.x + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Unified Access Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.x + - 20.x + - 3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware vCenter Cloud Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: vCenter Server - OVA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.x + - 6.7.x + - 6.5.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081 + )' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: VMware + product: vCenter Server - Windows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.7.x + - 6.5.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096 + )' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: VMware + product: VMware vRealize Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.x + - 7.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware vRealize Lifecycle Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware vRealize Log Insight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware vRealize Operations + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware vRealize Operations Cloud Proxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Any + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware vRealize Orchestrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.x + - 7.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Workspace ONE Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.x + - 20.10.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: VMware Workspace ONE Access Connector (VMware Identity Manager Connector) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.x + - 20.10.x + - 19.03.0.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-12T00:00:00' + - vendor: Vyaire + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vyaire.com/sites/us/files/2021-12/2021-12-15-product-security-bulletin-for-log4shell-vulnerability.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: WAGO + product: WAGO Smart Script + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.2.x < 4.8.1.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.wago.com/de/automatisierungstechnik/psirt#log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Wallarm + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://lab.wallarm.com/cve-2021-44228-mitigation-update/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Wasp Barcode technologies + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: WatchGuard + product: Secplicity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Western Digital + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: WIBU Systems + product: CodeMeter Keyring for TIA Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.30 and prior + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf + notes: Only the Password Manager is affected + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: WIBU Systems + product: CodeMeter Cloud Lite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.2 and prior + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: WindRiver + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: WireShark + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://gitlab.com/wireshark/wireshark/-/issues/17783 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Wistia + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.wistia.com/incidents/jtg0dfl5l224 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: WitFoo + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: WordPress + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://wordpress.org/support/topic/is-the-log4j-vulnerability-an-issue/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Worksphere + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.worksphere.com/product/security-update-on-log4j-cve-2021-44228 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Wowza + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: WSO2 + product: WSO2 Enterprise Integrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.1.0 and above + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.wso2.com/pages/viewpage.action?pageId=180948677 + notes: A temporary mitigation is available while vendor works on update + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: XCP-ng + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://xcp-ng.org/forum/topic/5315/log4j-vulnerability-impact + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: XenForo + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://xenforo.com/community/threads/psa-potential-security-vulnerability-in-elasticsearch-5-via-apache-log4j-log4shell.201145/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Xerox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.business.xerox.com/wp-content/uploads/2021/12/Xerox-Special-Bulletin-Regarding-CVE-2021-44228.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: XPertDoc + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.xpertdoc.com/pages/viewpage.action?pageId=87622727 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: XPLG + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xplg.com/log4j-vulnerability-exploit-log4shell-xplg-secure/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: XWIKI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.xwiki.org/t/log4j-cve-2021-44228-log4shell-zero-day-vulnerability/9557 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Xylem + product: Aquatalk + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Avensor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus Automation Control Configuration change complete + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus Cathodic Protection Mitigation in process Mitigation in process + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus FieldLogic LogServer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus Lighting Control + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus NetMetrics Configuration change complete + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus RNI Saas + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.7 through 4.10 + - 4.4 through 4.6 + - '4.2' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus RNI On Prem + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.7 through 4.10 + - 4.4 through 4.6 + - '4.2' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Sensus SCS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Smart Irrigation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Water Loss Management (Visenti) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Configuration change complete + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Xylem Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Xylem Edge Gateway (xGW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: Yellowbrick + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: YellowFin + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: YOKOGAWA + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-22T00:00:00' + - vendor: YSoft SAFEQ + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zabbix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: ZAMMAD + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zaproxy + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zebra + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.zebra.com/us/en/support-downloads/lifeguard-security/cve-2021-442280-dubbed-log4shell-or-logjam-vulnerability.html + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zendesk + product: All Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All Versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.zendesk.com/hc/en-us/articles/4413583476122 + notes: Zendesk products are all cloud-based; thus there are no updates for the + customers to install as the company is working on patching their infrastructure + and systems. + references: + - '' + reporter: cisagov + last_updated: '2021-12-13T00:00:00' + - vendor: Zenoss + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.zenoss.com/hc/en-us + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zentera Systems, Inc. + product: CoIP Access Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.zentera.net/hc/en-us/articles/4416227743511--CVE-2021-44228-Log4Shell-Vulnerability-in-Apache-Log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Zerto + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.zerto.com/kb/000004822 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zesty + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.zesty.io/mindshare/company-announcements/log4j-exploit/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zimbra + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://bugzilla.zimbra.com/show_bug.cgi?id=109428 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://status.appriver.com/ + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-16T00:00:00' + - vendor: Zoom + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: ZPE systems Inc + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.zpesystems.com/portal/en/kb/articles/is-nodegrid-os-and-zpe-cloud-affected-by-cve-2021-44228-apache-log4j + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zscaler + product: See Link (Multiple Products) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://trust.zscaler.com/posts/9581 + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-15T00:00:00' + - vendor: Zyxel + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.zyxel.com/support/Zyxel_security_advisory_for_Apache_Log4j_RCE_vulnerability.shtml + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-29T20:08:57+00:00' + - vendor: Zyxel + product: Security Firewall/Gateways + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - ZLD Firmware Security Services + - Nebula + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability + notes: '' + references: + - '' + reporter: cisagov + last_updated: '2021-12-14T00:00:00' ... From 3e5485789784671a554566281d3ca3b62b495fd6 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Wed, 29 Dec 2021 17:00:06 -0500 Subject: [PATCH 07/12] Remove product status from issue forms This value is derived from other information in each software product entry in the YAML file. Since it is now a derived value we should not prompt submitters to provide one. --- .../product-submission-form.yml | 24 ------------------- .../ISSUE_TEMPLATE/product-update-form.yml | 22 ----------------- 2 files changed, 46 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/product-submission-form.yml b/.github/ISSUE_TEMPLATE/product-submission-form.yml index ebdabe5..dde6042 100644 --- a/.github/ISSUE_TEMPLATE/product-submission-form.yml +++ b/.github/ISSUE_TEMPLATE/product-submission-form.yml @@ -27,30 +27,6 @@ body: placeholder: v2; 1.5; >3; >=4; >5, <6; etc. validations: required: true - - type: dropdown - id: product-status - attributes: - label: Product status - description: What is the current status of the affected product? - options: - - Unknown - - Affected - - Not Affected - - Fixed - - Under Investigation - validations: - required: true - - type: markdown - attributes: - value: | - Please use the information below when selecting a status. - - - Unknown - Status unknown. Default choice. - - Affected - Reported to be affected by CVE-2021-44228. - - Not Affected - Reported to NOT be affected by CVE-2021-44228 and no - further action necessary. - - Fixed - Patch and/or mitigations available (see provided links). - - Under Investigation - Vendor investigating status. - type: dropdown id: product-updated attributes: diff --git a/.github/ISSUE_TEMPLATE/product-update-form.yml b/.github/ISSUE_TEMPLATE/product-update-form.yml index d32f6fb..eabfc12 100644 --- a/.github/ISSUE_TEMPLATE/product-update-form.yml +++ b/.github/ISSUE_TEMPLATE/product-update-form.yml @@ -29,28 +29,6 @@ body: attributes: label: Product version(s) description: What version(s) of the product are affected? - - type: dropdown - id: product-status - attributes: - label: Product status - description: What is the current status of the affected product? - options: - - Unknown - - Affected - - Not Affected - - Fixed - - Under Investigation - - type: markdown - attributes: - value: | - Please use the information below when selecting a status. - - - Unknown - Status unknown. Default choice. - - Affected - Reported to be affected by CVE-2021-44228. - - Not Affected - Reported to NOT be affected by CVE-2021-44228 and no - further action necessary. - - Fixed - Patch and/or mitigations available (see provided links). - - Under Investigation - Vendor investigating status. - type: dropdown id: product-updated attributes: From 3ba78f6958192dcea8ac91378d53066870e23ace Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 30 Dec 2021 12:46:01 -0500 Subject: [PATCH 08/12] Update requirements for the update software workflow Update the workflow's requirements to use a specific version at the updated location of the Python project doing the heavy lifting. Additionally the requirements file is added to the actions/cache key used. --- .github/workflows/update_software_list.yml | 3 ++- config/requirements.txt | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update_software_list.yml b/.github/workflows/update_software_list.yml index f329803..78bf4f5 100644 --- a/.github/workflows/update_software_list.yml +++ b/.github/workflows/update_software_list.yml @@ -50,7 +50,8 @@ jobs: path: | ${{ env.PIP_CACHE_DIR }} key: "${{ env.BASE_CACHE_KEY }}\ - ${{ hashFiles('.github/workflows/update_software_list.yml') }}" + ${{ hashFiles('.github/workflows/update_software_list.yml') }}-\ + ${{ hashFiles('config/requirements.txt') }}" restore-keys: | ${{ env.BASE_CACHE_KEY }} - name: Update Python base packages diff --git a/config/requirements.txt b/config/requirements.txt index aaaced1..63b21e5 100644 --- a/config/requirements.txt +++ b/config/requirements.txt @@ -1 +1 @@ -https://api.github.com/repos/cisagov/md-table-to-yml/tarball/develop +https://github.com/cisagov/log4j-md-yml/archive/v1.0.0.tar.gz From cf9549fb5f92b233a6da3aa0ee1751fec396cf81 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 30 Dec 2021 12:59:32 -0500 Subject: [PATCH 09/12] Update the cisagov YAML file Update to reflect the current state of SOFTWARE-LIST.md. --- data/cisagov.yml | 1989 ++++++++++++++++++++++++---------------------- 1 file changed, 1028 insertions(+), 961 deletions(-) diff --git a/data/cisagov.yml b/data/cisagov.yml index 7a7cfc5..4887476 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -60,7 +60,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: 3CX product: '' cves: @@ -90,7 +90,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: 3M Health Information Systems product: CGS cves: @@ -151,7 +151,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: ABB product: '' cves: @@ -181,7 +181,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: ABB product: ABB Remote Service cves: @@ -211,7 +211,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: ABB product: AlarmInsight Cloud cves: @@ -241,7 +241,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: ABB product: B&R Products cves: @@ -272,7 +272,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Abbott product: '' cves: @@ -332,7 +332,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Accellence product: '' cves: @@ -362,7 +362,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Accellion product: Kiteworks cves: @@ -428,7 +428,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Acronis product: '' cves: @@ -458,7 +458,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: ActiveState product: '' cves: @@ -488,7 +488,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Adaptec product: '' cves: @@ -518,7 +518,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Addigy product: '' cves: @@ -548,7 +548,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Adeptia product: '' cves: @@ -578,7 +578,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Adobe ColdFusion product: '' cves: @@ -608,7 +608,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: ADP product: '' cves: @@ -638,7 +638,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AFAS Software product: '' cves: @@ -668,7 +668,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AFHCAN Global LLC product: AFHCANsuite cves: @@ -699,7 +699,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AFHCAN Global LLC product: AFHCANServer cves: @@ -730,7 +730,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AFHCAN Global LLC product: AFHCANcart cves: @@ -761,7 +761,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AFHCAN Global LLC product: AFHCANweb cves: @@ -792,7 +792,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AFHCAN Global LLC product: AFHCANmobile cves: @@ -823,7 +823,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AFHCAN Global LLC product: AFHCANupdate cves: @@ -854,7 +854,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Agilysys product: '' cves: @@ -884,7 +884,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Advanced Systems Concepts (formally Jscape) product: Active MFT cves: @@ -1069,7 +1069,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Alertus product: '' cves: @@ -1099,7 +1099,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Alexion product: '' cves: @@ -1129,7 +1129,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Alfresco product: '' cves: @@ -1159,7 +1159,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AlienVault product: '' cves: @@ -1189,7 +1189,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Alphatron Medical product: '' cves: @@ -1219,7 +1219,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: Athena cves: @@ -1249,7 +1249,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: AWS cves: @@ -1345,7 +1345,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: AWS Connect cves: @@ -1409,7 +1409,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: AWS DynamoDB cves: @@ -1763,7 +1763,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: CloudFront cves: @@ -1793,7 +1793,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: CloudWatch cves: @@ -1823,7 +1823,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: EC2 cves: @@ -1884,7 +1884,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: KMS cves: @@ -1914,7 +1914,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: OpenSearch cves: @@ -1945,7 +1945,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: RDS cves: @@ -1975,7 +1975,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: Route 53 cves: @@ -2005,7 +2005,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: S3 cves: @@ -2035,7 +2035,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: Translate cves: @@ -2065,7 +2065,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Amazon product: VPC cves: @@ -2095,7 +2095,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AMD product: All cves: @@ -2223,7 +2223,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Apache product: Camel cves: @@ -2573,7 +2573,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Apache product: Log4j cves: @@ -2604,7 +2604,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Apache product: Solr cves: @@ -2740,7 +2740,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Apereo product: Opencast cves: @@ -2772,7 +2772,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:49+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Application Performance Ltd product: DBMarlin cves: @@ -2832,7 +2832,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Apollo product: '' cves: @@ -2862,7 +2862,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Appdynamics product: '' cves: @@ -2892,7 +2892,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Appeon product: PowerBuilder cves: @@ -2952,7 +2952,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Appian product: Appian Platform cves: @@ -3043,7 +3043,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Aptible product: Aptible cves: @@ -3074,7 +3074,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: APC by Schneider Electric product: Powerchute Business Edition cves: @@ -3173,7 +3173,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Arbiter Systems product: All cves: @@ -3233,7 +3233,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Arcserve product: Arcserve Backup cves: @@ -3511,7 +3511,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Arduino product: '' cves: @@ -3541,7 +3541,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Ariba product: '' cves: @@ -3571,7 +3571,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Arista product: '' cves: @@ -3601,7 +3601,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Aruba Networks product: '' cves: @@ -3631,7 +3631,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Ataccama product: '' cves: @@ -3661,7 +3661,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Atera product: '' cves: @@ -3691,7 +3691,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Atlassian product: Bamboo Server & Data Center cves: @@ -3723,7 +3723,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Atlassian product: Bitbucket Server & Data Center cves: @@ -3755,7 +3755,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Atlassian product: Confluence Server & Data Center cves: @@ -3787,7 +3787,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Atlassian product: Crowd Server & Data Center cves: @@ -3819,7 +3819,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Atlassian product: Crucible cves: @@ -3851,7 +3851,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Atlassian product: Fisheye cves: @@ -3883,7 +3883,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Atlassian product: Jira Server & Data Center cves: @@ -3915,7 +3915,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Attivo networks product: '' cves: @@ -3945,7 +3945,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AudioCodes product: '' cves: @@ -3975,7 +3975,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Autodesk product: '' cves: @@ -4042,7 +4042,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Autopsy product: '' cves: @@ -4072,7 +4072,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Auvik product: '' cves: @@ -4102,7 +4102,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Avantra SYSLINK product: '' cves: @@ -4132,7 +4132,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Avaya product: Avaya Analytics cves: @@ -5123,7 +5123,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AVM product: '' cves: @@ -5153,7 +5153,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AvTech RoomAlert product: '' cves: @@ -5183,7 +5183,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AWS New product: '' cves: @@ -5213,7 +5213,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AXON product: '' cves: @@ -5243,7 +5243,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: AXS Guard product: '' cves: @@ -5273,7 +5273,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Axways Applications product: '' cves: @@ -5303,7 +5303,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: B&R Industrial Automation product: APROL cves: @@ -5393,7 +5393,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Balbix product: '' cves: @@ -5423,7 +5423,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Baramundi Products product: '' cves: @@ -5453,7 +5453,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Barco product: '' cves: @@ -5483,7 +5483,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Barracuda product: '' cves: @@ -5513,7 +5513,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BBraun product: Outlook® Safety Infusion System Pump family cves: @@ -6444,7 +6444,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) product: '' @@ -6475,7 +6475,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BeyondTrust product: Privilege Management Cloud cves: @@ -6598,7 +6598,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BisectHosting product: '' cves: @@ -6628,7 +6628,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BitDefender product: '' cves: @@ -6658,7 +6658,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BitNami By VMware product: '' cves: @@ -6688,7 +6688,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BitRise product: '' cves: @@ -6718,7 +6718,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Bitwarden product: '' cves: @@ -6748,7 +6748,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Biztory product: Fivetran cves: @@ -6778,7 +6778,7 @@ software: references: - Vendor review indicated Fivetran is not vulnerable to Log4j2 reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Black Kite product: '' cves: @@ -6808,7 +6808,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Blancco product: '' cves: @@ -6838,7 +6838,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: Blumira product: '' cves: @@ -6868,7 +6868,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: Bladelogic Database Automation cves: @@ -6898,7 +6898,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC AMI Ops cves: @@ -6928,7 +6928,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC AMI Products cves: @@ -6958,7 +6958,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Compuware cves: @@ -6988,7 +6988,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Automation Console cves: @@ -7018,7 +7018,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Business Workflows cves: @@ -7048,7 +7048,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Client Management cves: @@ -7078,7 +7078,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Cloud Cost cves: @@ -7108,7 +7108,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Cloud Security cves: @@ -7138,7 +7138,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix CMDB cves: @@ -7168,7 +7168,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Continuous Optimization cves: @@ -7198,7 +7198,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Control-M cves: @@ -7228,7 +7228,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Digital Workplace cves: @@ -7258,7 +7258,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Discovery cves: @@ -7288,7 +7288,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix ITSM cves: @@ -7318,7 +7318,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Knowledge Management cves: @@ -7348,7 +7348,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Operations Management with AIOps cves: @@ -7378,7 +7378,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Platform cves: @@ -7408,7 +7408,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix platform cves: @@ -7438,7 +7438,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Remediate cves: @@ -7468,7 +7468,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Remediate cves: @@ -7498,7 +7498,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Remedyforce cves: @@ -7528,7 +7528,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: BMC Helix Virtual Agent cves: @@ -7558,7 +7558,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: Cloud Lifecycle Management cves: @@ -7588,7 +7588,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:58+00:00' - vendor: BMC product: Control-M cves: @@ -7618,7 +7618,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: Footprints cves: @@ -7648,7 +7648,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: MainView Middleware Administrator cves: @@ -7678,7 +7678,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: MainView Middleware Monitor cves: @@ -7708,7 +7708,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: Remedy ITSM (IT Service Management) cves: @@ -7738,7 +7738,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: SmartIT cves: @@ -7768,7 +7768,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: Track-It! cves: @@ -7798,7 +7798,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: TrueSight Automation for Networks cves: @@ -7828,7 +7828,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: TrueSight Automation for Servers cves: @@ -7858,7 +7858,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: TrueSight Capacity Optimization cves: @@ -7888,7 +7888,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: TrueSight Infrastructure Management cves: @@ -7918,7 +7918,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: TrueSight Operations Management cves: @@ -7948,7 +7948,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BMC product: TrueSight Orchestration cves: @@ -7978,7 +7978,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Boston Scientific product: '' cves: @@ -8068,7 +8068,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Brainworks product: '' cves: @@ -8098,7 +8098,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: BrightSign product: '' cves: @@ -8128,7 +8128,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Advanced Secure Gateway (ASG) cves: @@ -8158,7 +8158,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Automic Automation cves: @@ -8188,7 +8188,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: BCAAA cves: @@ -8218,7 +8218,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: CA Advanced Authentication cves: @@ -8248,7 +8248,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: CA Risk Authentication cves: @@ -8277,7 +8277,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: CA Strong Authentication cves: @@ -8306,7 +8306,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Cloud Workload Protection (CWP) cves: @@ -8336,7 +8336,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Cloud Workload Protection for Storage (CWP:S) cves: @@ -8366,7 +8366,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: CloudSOC Cloud Access Security Broker (CASB) cves: @@ -8396,7 +8396,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Content Analysis (CA) cves: @@ -8426,7 +8426,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Critical System Protection (CSP) cves: @@ -8456,7 +8456,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Data Center Security (DCS) cves: @@ -8486,7 +8486,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Data Loss Prevention (DLP) cves: @@ -8516,7 +8516,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Email Security Service (ESS) cves: @@ -8546,7 +8546,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Ghost Solution Suite (GSS) cves: @@ -8576,7 +8576,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: HSM Agent cves: @@ -8606,7 +8606,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Industrial Control System Protection (ICSP) cves: @@ -8636,7 +8636,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Integrated Cyber Defense Manager (ICDm) cves: @@ -8666,7 +8666,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Integrated Secure Gateway (ISG) cves: @@ -8696,7 +8696,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: IT Management Suite cves: @@ -8726,7 +8726,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Layer7 API Developer Portal cves: @@ -8756,7 +8756,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Layer7 API Gateway cves: @@ -8786,7 +8786,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Layer7 Mobile API Gateway cves: @@ -8816,7 +8816,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Management Center (MC) cves: @@ -8846,7 +8846,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: PacketShaper (PS) S-Series cves: @@ -8876,7 +8876,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: PolicyCenter (PC) S-Series cves: @@ -8906,7 +8906,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Privileged Access Manager cves: @@ -8936,7 +8936,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Privileged Access Manager Server Control cves: @@ -8966,7 +8966,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Privileged Identity Manager cves: @@ -8996,7 +8996,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: ProxySG cves: @@ -9026,7 +9026,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Reporter cves: @@ -9056,7 +9056,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Secure Access Cloud (SAC) cves: @@ -9086,7 +9086,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Security Analytics (SA) cves: @@ -9116,7 +9116,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: SiteMinder (CA Single Sign-On) cves: @@ -9146,7 +9146,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: SSL Visibility (SSLV) cves: @@ -9176,7 +9176,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Control Compliance Suite (CCS) cves: @@ -9206,7 +9206,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Directory cves: @@ -9236,7 +9236,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Endpoint Detection and Response (EDR) cves: @@ -9266,7 +9266,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Endpoint Encryption (SEE) cves: @@ -9296,7 +9296,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Endpoint Protection (SEP) cves: @@ -9326,7 +9326,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Endpoint Protection (SEP) for Mobile cves: @@ -9356,7 +9356,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Endpoint Protection Manager (SEPM) cves: @@ -9387,7 +9387,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Identity Governance and Administration (IGA) cves: @@ -9417,7 +9417,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Mail Security for Microsoft Exchange (SMSMSE) cves: @@ -9447,7 +9447,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Messaging Gateway (SMG) cves: @@ -9477,7 +9477,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec PGP Solutions cves: @@ -9507,7 +9507,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Protection Engine (SPE) cves: @@ -9537,7 +9537,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Symantec Protection for SharePoint Servers (SPSS) cves: @@ -9567,7 +9567,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: VIP cves: @@ -9597,7 +9597,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: VIP Authentication Hub cves: @@ -9627,7 +9627,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Web Isolation (WI) cves: @@ -9657,7 +9657,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: Web Security Service (WSS) cves: @@ -9687,7 +9687,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Broadcom product: WebPulse cves: @@ -9717,7 +9717,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: C4b XPHONE product: '' cves: @@ -9747,7 +9747,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Campbell Scientific product: All cves: @@ -9807,7 +9807,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Canary Labs product: All cves: @@ -10136,7 +10136,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Carestream product: '' cves: @@ -10196,7 +10196,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cato Networks product: '' cves: @@ -10226,7 +10226,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cepheid product: C360 cves: @@ -10316,7 +10316,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Chaser Systems product: discrimiNAT Firewall cves: @@ -10347,7 +10347,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Check Point product: CloudGuard cves: @@ -10378,7 +10378,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Check Point product: Harmony Endpoint & Harmony Mobile cves: @@ -10409,7 +10409,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Check Point product: Infinity Portal cves: @@ -10439,7 +10439,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Check Point product: Quantum Security Gateway cves: @@ -10470,7 +10470,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Check Point product: Quantum Security Management cves: @@ -10502,7 +10502,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Check Point product: SMB cves: @@ -10533,7 +10533,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Check Point product: ThreatCloud cves: @@ -10563,7 +10563,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: CheckMK product: '' cves: @@ -10593,7 +10593,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Ciphermail product: '' cves: @@ -10623,7 +10623,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: CircleCI product: CircleCI cves: @@ -10683,7 +10683,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: AppDynamics cves: @@ -10713,7 +10713,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Common Services Platform Collector cves: @@ -10743,7 +10743,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Network Services Orchestrator (NSO) cves: @@ -10773,7 +10773,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco System Architecture Evolution Gateway (SAEGW) cves: @@ -10803,7 +10803,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco ACI Multi-Site Orchestrator cves: @@ -10833,7 +10833,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco ACI Virtual Edge cves: @@ -10863,7 +10863,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Adaptive Security Appliance (ASA) Software cves: @@ -10893,7 +10893,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Advanced Web Security Reporting Application cves: @@ -10923,7 +10923,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco AMP Virtual Private Cloud Appliance cves: @@ -10953,7 +10953,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:50+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco AnyConnect Secure Mobility Client cves: @@ -10983,7 +10983,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Application Policy Infrastructure Controller (APIC) cves: @@ -11013,7 +11013,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco ASR 5000 Series Routers cves: @@ -11043,7 +11043,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Broadcloud Calling cves: @@ -11073,7 +11073,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco BroadWorks cves: @@ -11103,7 +11103,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Catalyst 9800 Series Wireless Controllers cves: @@ -11133,7 +11133,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco CloudCenter Suite Admin cves: @@ -11163,7 +11163,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco CloudCenter Workload Manager cves: @@ -11193,7 +11193,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Cognitive Intelligence cves: @@ -11223,7 +11223,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Computer Telephony Integration Object Server (CTIOS) cves: @@ -11253,7 +11253,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Connected Grid Device Manager cves: @@ -11283,7 +11283,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Connected Mobile Experiences cves: @@ -11313,7 +11313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Connectivity cves: @@ -11343,7 +11343,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Contact Center Domain Manager (CCDM) cves: @@ -11373,7 +11373,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Contact Center Management Portal (CCMP) cves: @@ -11403,7 +11403,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Crosswork Change Automation cves: @@ -11433,7 +11433,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco CX Cloud Agent Software cves: @@ -11463,7 +11463,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Data Center Network Manager (DCNM) cves: @@ -11493,7 +11493,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Defense Orchestrator cves: @@ -11523,7 +11523,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco DNA Assurance cves: @@ -11553,7 +11553,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco DNA Center cves: @@ -11583,7 +11583,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco DNA Spaces cves: @@ -11613,7 +11613,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: DUO network gateway (on-prem/self-hosted) cves: @@ -11642,7 +11642,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Elastic Services Controller (ESC) cves: @@ -11672,7 +11672,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Emergency Responder cves: @@ -11702,7 +11702,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Enterprise Chat and Email cves: @@ -11732,7 +11732,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Enterprise NFV Infrastructure Software (NFVIS) cves: @@ -11762,7 +11762,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Evolved Programmable Network Manager cves: @@ -11792,7 +11792,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Extensible Network Controller (XNC) cves: @@ -11822,7 +11822,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Finesse cves: @@ -11852,7 +11852,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Firepower Management Center cves: @@ -11882,7 +11882,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Firepower Threat Defense (FTD) cves: @@ -11912,7 +11912,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco GGSN Gateway GPRS Support Node cves: @@ -11942,7 +11942,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco HyperFlex System cves: @@ -11972,7 +11972,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Identity Services Engine (ISE) cves: @@ -12002,7 +12002,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Integrated Management Controller (IMC) Supervisor cves: @@ -12032,7 +12032,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Intersight cves: @@ -12062,7 +12062,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Intersight Virtual Appliance cves: @@ -12092,7 +12092,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco IOS and IOS XE Software cves: @@ -12122,7 +12122,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) @@ -12153,7 +12153,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco IoT Operations Dashboard cves: @@ -12183,7 +12183,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco IOx Fog Director cves: @@ -12213,7 +12213,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco IP Services Gateway (IPSG) cves: @@ -12243,7 +12243,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Kinetic for Cities cves: @@ -12273,7 +12273,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco MDS 9000 Series Multilayer Switches cves: @@ -12303,7 +12303,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Meeting Server cves: @@ -12333,7 +12333,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco MME Mobility Management Entity cves: @@ -12363,7 +12363,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Modeling Labs cves: @@ -12393,7 +12393,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Network Assessment (CNA) Tool cves: @@ -12423,7 +12423,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Network Assurance Engine cves: @@ -12453,7 +12453,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Network Convergence System 2000 Series cves: @@ -12483,7 +12483,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Network Planner cves: @@ -12513,7 +12513,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Nexus 5500 Platform Switches cves: @@ -12543,7 +12543,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Nexus 5600 Platform Switches cves: @@ -12573,7 +12573,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Nexus 6000 Series Switches cves: @@ -12603,7 +12603,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Nexus 7000 Series Switches cves: @@ -12633,7 +12633,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode @@ -12664,7 +12664,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Nexus Dashboard (formerly Cisco Application Services Engine) cves: @@ -12694,7 +12694,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Nexus Data Broker cves: @@ -12724,7 +12724,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Nexus Insights cves: @@ -12754,7 +12754,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Optical Network Planner cves: @@ -12784,7 +12784,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Packaged Contact Center Enterprise cves: @@ -12814,7 +12814,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Paging Server (InformaCast) cves: @@ -12844,7 +12844,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Paging Server cves: @@ -12874,7 +12874,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco PDSN/HA Packet Data Serving Node and Home Agent cves: @@ -12904,7 +12904,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco PGW Packet Data Network Gateway cves: @@ -12934,7 +12934,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Policy Suite cves: @@ -12964,7 +12964,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime Central for Service Providers cves: @@ -12994,7 +12994,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime Collaboration Manager cves: @@ -13024,7 +13024,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime Collaboration Provisioning cves: @@ -13054,7 +13054,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime Infrastructure cves: @@ -13084,7 +13084,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime License Manager cves: @@ -13114,7 +13114,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime Network cves: @@ -13144,7 +13144,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime Optical for Service Providers cves: @@ -13174,7 +13174,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime Provisioning cves: @@ -13204,7 +13204,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Prime Service Catalog cves: @@ -13234,7 +13234,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Registered Envelope Service cves: @@ -13264,7 +13264,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 1000 Series Routers cves: @@ -13294,7 +13294,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 2000 Series Routers cves: @@ -13324,7 +13324,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 5000 Series Routers cves: @@ -13354,7 +13354,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge Cloud Router Platform cves: @@ -13384,7 +13384,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco SD-WAN vManage cves: @@ -13414,7 +13414,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco Secure Network Analytics (SNA), formerly Stealthwatch cves: @@ -13444,7 +13444,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco SocialMiner cves: @@ -13474,7 +13474,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:57:59+00:00' - vendor: Cisco product: Cisco TelePresence Management Suite cves: @@ -13504,7 +13504,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco UCS Director cves: @@ -13534,7 +13534,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco UCS Performance Manager cves: @@ -13564,7 +13564,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Umbrella cves: @@ -13594,7 +13594,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Advanced cves: @@ -13624,7 +13624,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Business Edition cves: @@ -13654,7 +13654,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Department Edition cves: @@ -13684,7 +13684,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Enterprise Edition cves: @@ -13714,7 +13714,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Premium Edition cves: @@ -13744,7 +13744,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Communications Manager Cloud cves: @@ -13774,7 +13774,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise - Live Data server cves: @@ -13804,7 +13804,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise cves: @@ -13834,7 +13834,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Contact Center Express cves: @@ -13864,7 +13864,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified Intelligent Contact Management Enterprise cves: @@ -13894,7 +13894,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Unified SIP Proxy Software cves: @@ -13924,7 +13924,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Video Surveillance Operations Manager cves: @@ -13954,7 +13954,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM cves: @@ -13984,7 +13984,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Virtualized Voice Browser cves: @@ -14014,7 +14014,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Vision Dynamic Signage Director cves: @@ -14044,7 +14044,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco WAN Automation Engine (WAE) cves: @@ -14074,7 +14074,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Web Security Appliance (WSA) cves: @@ -14104,7 +14104,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Webex Cloud-Connected UC (CCUC) cves: @@ -14134,7 +14134,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Webex Meetings Server cves: @@ -14164,7 +14164,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Webex Teams cves: @@ -14194,7 +14194,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Cisco Wide Area Application Services (WAAS) cves: @@ -14224,7 +14224,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Duo cves: @@ -14254,7 +14254,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: duo network gateway (on-prem/self-hosted) cves: @@ -14283,7 +14283,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Exony Virtualized Interaction Manager (VIM) cves: @@ -14313,7 +14313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cisco product: Managed Services Accelerator (MSX) Network Access Control Service cves: @@ -14343,7 +14343,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Citrix product: Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) cves: @@ -14793,7 +14793,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: AM2CM Tool cves: @@ -14823,7 +14823,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Ambari cves: @@ -14855,7 +14855,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Arcadia Enterprise cves: @@ -14886,7 +14886,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: CDH, HDP, and HDF cves: @@ -14917,7 +14917,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: CDP Operational Database (COD) cves: @@ -14947,7 +14947,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: CDP Private Cloud Base cves: @@ -14978,7 +14978,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: CDS 3 Powered by Apache Spark cves: @@ -15009,7 +15009,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: CDS 3.2 for GPUs cves: @@ -15040,7 +15040,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Cybersecurity Platform cves: @@ -15071,7 +15071,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -15101,7 +15101,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -15132,7 +15132,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Data Flow (CFM) cves: @@ -15162,7 +15162,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Data Science Workbench (CDSW) cves: @@ -15194,7 +15194,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Data Visualization (CDV) cves: @@ -15224,7 +15224,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -15254,7 +15254,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -15285,7 +15285,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera DataFlow (CDF) cves: @@ -15315,7 +15315,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Edge Management (CEM) cves: @@ -15346,7 +15346,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Enterprise cves: @@ -15377,7 +15377,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Flow Management (CFM) cves: @@ -15408,7 +15408,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -15438,7 +15438,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -15469,7 +15469,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -15501,7 +15501,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -15535,7 +15535,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR)) cves: @@ -15565,7 +15565,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) cves: @@ -15598,7 +15598,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Stream Processing (CSP) cves: @@ -15629,7 +15629,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -15659,7 +15659,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -15689,7 +15689,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Data Analytics Studio (DAS) cves: @@ -15719,7 +15719,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Data Catalog cves: @@ -15749,7 +15749,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Data Lifecycle Manager (DLM) cves: @@ -15779,7 +15779,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Data Steward Studio (DSS) cves: @@ -15810,7 +15810,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Hortonworks Data Flow (HDF) cves: @@ -15840,7 +15840,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Hortonworks Data Platform (HDP) cves: @@ -15873,7 +15873,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Hortonworks DataPlane Platform cves: @@ -15903,7 +15903,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Management Console cves: @@ -15934,7 +15934,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Management Console for CDP Public Cloud cves: @@ -15964,7 +15964,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Replication Manager cves: @@ -15994,7 +15994,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: SmartSense cves: @@ -16024,7 +16024,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Workload Manager cves: @@ -16054,7 +16054,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Workload XM (SaaS) cves: @@ -16084,7 +16084,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudera product: Workload XM cves: @@ -16115,7 +16115,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: CloudFlare product: '' cves: @@ -16145,7 +16145,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudian HyperStore product: '' cves: @@ -16175,7 +16175,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudogu product: Ecosystem cves: @@ -16206,7 +16206,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudogu product: SCM-Manager cves: @@ -16236,7 +16236,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cloudron product: '' cves: @@ -16266,7 +16266,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Clover product: '' cves: @@ -16296,7 +16296,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Code42 product: Code42 App cves: @@ -16390,7 +16390,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Codesys product: '' cves: @@ -16420,7 +16420,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cohesity product: '' cves: @@ -16450,7 +16450,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: CommVault product: '' cves: @@ -16480,7 +16480,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Concourse product: Concourse cves: @@ -16510,7 +16510,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: ConcreteCMS.com product: '' cves: @@ -16540,7 +16540,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Confluent product: Confluent Cloud cves: @@ -16880,7 +16880,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: ConnectWise product: '' cves: @@ -16910,7 +16910,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: ContrastSecurity product: '' cves: @@ -16940,7 +16940,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: ControlUp product: '' cves: @@ -16970,7 +16970,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: COPADATA product: '' cves: @@ -17000,7 +17000,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: CouchBase product: '' cves: @@ -17030,7 +17030,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: CPanel product: '' cves: @@ -17060,7 +17060,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Cradlepoint product: '' cves: @@ -17090,7 +17090,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Crestron product: '' cves: @@ -17150,7 +17150,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: CryptShare product: '' cves: @@ -17180,7 +17180,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: CyberArk product: Privileged Threat Analytics (PTA) cves: @@ -17242,7 +17242,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: CyberRes product: '' cves: @@ -17272,7 +17272,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: DarkTrace product: '' cves: @@ -17302,7 +17302,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Dassault Systèmes product: '' cves: @@ -17332,7 +17332,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Databricks product: '' cves: @@ -17362,7 +17362,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Datadog product: Datadog Agent cves: @@ -17396,7 +17396,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Dataminer product: '' cves: @@ -17426,7 +17426,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Datev product: '' cves: @@ -17456,7 +17456,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Datto product: '' cves: @@ -17486,7 +17486,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: dCache.org product: '' cves: @@ -17516,7 +17516,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Debian product: '' cves: @@ -17546,7 +17546,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Deepinstinct product: '' cves: @@ -17576,7 +17576,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:51+00:00' + last_updated: '2021-12-30T17:58:00+00:00' - vendor: Dell product: Alienware Command Center cves: @@ -25249,7 +25249,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Device42 product: '' cves: @@ -25279,7 +25279,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Devolutions product: All products cves: @@ -25309,7 +25309,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Diebold Nixdorf product: '' cves: @@ -25339,7 +25339,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Digi International product: CTEK G6200 family cves: @@ -26539,7 +26539,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Digital AI product: '' cves: @@ -26569,7 +26569,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: DNSFilter product: '' cves: @@ -26599,7 +26599,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Docker product: '' cves: @@ -26629,7 +26629,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Docusign product: '' cves: @@ -26659,7 +26659,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: DrayTek product: Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform @@ -26720,7 +26720,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Dynatrace product: Managed cluster nodes cves: @@ -26990,7 +26990,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Eaton product: Undisclosed cves: @@ -27023,7 +27023,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: EclecticIQ product: '' cves: @@ -27053,7 +27053,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Eclipse Foundation product: '' cves: @@ -27083,7 +27083,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: EFI product: '' cves: @@ -27113,7 +27113,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: EGroupware product: '' cves: @@ -27143,7 +27143,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Elastic product: APM Java Agent cves: @@ -27747,7 +27747,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:52+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Ellucian product: Banner Analytics cves: @@ -31322,7 +31322,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: ESET product: '' cves: @@ -31352,7 +31352,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: ESRI product: ArcGIS Data Store cves: @@ -31574,7 +31574,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Evolveum Midpoint product: '' cves: @@ -31604,7 +31604,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Ewon product: '' cves: @@ -31634,7 +31634,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Exabeam product: '' cves: @@ -31665,7 +31665,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Exact product: '' cves: @@ -31695,7 +31695,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Exivity product: '' cves: @@ -31725,7 +31725,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: ExtraHop product: Reveal(x) cves: @@ -31788,7 +31788,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Extreme Networks product: '' cves: @@ -31818,7 +31818,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Extron product: '' cves: @@ -31848,7 +31848,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F-Secure product: Elements Connector cves: @@ -31878,7 +31878,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F-Secure product: Endpoint Proxy cves: @@ -31909,7 +31909,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F-Secure product: Messaging Security Gateway cves: @@ -31939,7 +31939,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F-Secure product: Policy Manager cves: @@ -31970,7 +31970,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F-Secure product: Policy Manager Proxy cves: @@ -32001,7 +32001,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: BIG-IP (all modules) cves: @@ -32032,7 +32032,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: BIG-IQ Centralized Management cves: @@ -32063,7 +32063,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: F5OS cves: @@ -32094,7 +32094,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: Traffix SDC cves: @@ -32127,7 +32127,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: NGINX Plus cves: @@ -32158,7 +32158,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: NGINX Open Source cves: @@ -32189,7 +32189,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: NGINX Unit cves: @@ -32220,7 +32220,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: NGINX App Protect cves: @@ -32251,7 +32251,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: NGINX Controller cves: @@ -32282,7 +32282,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: NGINX Ingress Controller cves: @@ -32313,7 +32313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: NGINX Instance Manager cves: @@ -32344,7 +32344,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: F5 product: NGINX Service Mesh cves: @@ -32375,7 +32375,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FAST LTA product: '' cves: @@ -32405,7 +32405,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fastly product: '' cves: @@ -32435,7 +32435,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FedEx product: Ship Manager Software cves: @@ -32535,7 +32535,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FileCatalyst product: '' cves: @@ -32565,7 +32565,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FileCloud product: '' cves: @@ -32595,7 +32595,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FileWave product: '' cves: @@ -32625,7 +32625,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FINVI product: '' cves: @@ -32655,7 +32655,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FireDaemon product: '' cves: @@ -32685,7 +32685,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fisher & Paykel Healthcare product: '' cves: @@ -32745,7 +32745,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Flexera product: '' cves: @@ -32775,7 +32775,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Forcepoint product: DLP Manager cves: @@ -32805,7 +32805,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Forcepoint product: Forcepoint Cloud Security Gateway (CSG) cves: @@ -32835,7 +32835,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Forcepoint product: Next Generation Firewall (NGFW) cves: @@ -32865,7 +32865,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Forcepoint product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder @@ -32896,7 +32896,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Forcepoint product: One Endpoint cves: @@ -32926,7 +32926,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Forcepoint product: Security Manager (Web, Email and DLP) cves: @@ -32956,7 +32956,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Forescout product: '' cves: @@ -32986,7 +32986,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: ForgeRock product: Autonomous Identity cves: @@ -33016,7 +33016,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiAIOps cves: @@ -33046,7 +33046,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiAnalyzer cves: @@ -33076,7 +33076,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiAnalyzer Cloud cves: @@ -33106,7 +33106,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiAP cves: @@ -33136,7 +33136,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiAuthenticator cves: @@ -33166,7 +33166,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiCASB cves: @@ -33196,7 +33196,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiConvertor cves: @@ -33226,7 +33226,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiDeceptor cves: @@ -33256,7 +33256,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiEDR Agent cves: @@ -33286,7 +33286,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiEDR Cloud cves: @@ -33316,7 +33316,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiGate Cloud cves: @@ -33346,7 +33346,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiGSLB Cloud cves: @@ -33376,7 +33376,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiMail cves: @@ -33406,7 +33406,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiManager cves: @@ -33436,7 +33436,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiManager Cloud cves: @@ -33466,7 +33466,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -33496,7 +33496,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -33526,7 +33526,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiOS (includes FortiGate & FortiWiFi) cves: @@ -33556,7 +33556,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiPhish Cloud cves: @@ -33586,7 +33586,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiPolicy cves: @@ -33616,7 +33616,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiPortal cves: @@ -33646,7 +33646,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiRecorder cves: @@ -33676,7 +33676,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiSIEM cves: @@ -33706,7 +33706,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiSOAR cves: @@ -33736,7 +33736,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiSwicth Cloud in FortiLANCloud cves: @@ -33766,7 +33766,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiSwitch & FortiSwitchManager cves: @@ -33796,7 +33796,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiToken Cloud cves: @@ -33826,7 +33826,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiVoice cves: @@ -33856,7 +33856,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: FortiWeb Cloud cves: @@ -33886,7 +33886,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fortinet product: ShieldX cves: @@ -33916,7 +33916,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FTAPI product: '' cves: @@ -33946,7 +33946,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: Fujitsu product: '' cves: @@ -33976,7 +33976,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: FusionAuth product: FusionAuth cves: @@ -34007,7 +34007,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:01+00:00' - vendor: GE Digital product: '' cves: @@ -34283,7 +34283,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Genesys product: '' cves: @@ -34313,7 +34313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: GeoServer product: '' cves: @@ -34343,7 +34343,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gerrit code review product: '' cves: @@ -34373,7 +34373,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: GFI product: '' cves: @@ -34403,7 +34403,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Ghidra product: '' cves: @@ -34433,7 +34433,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gigamon product: Fabric Manager cves: @@ -34526,7 +34526,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Globus product: '' cves: @@ -34556,7 +34556,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: GoAnywhere product: MFT cves: @@ -34679,7 +34679,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Google Cloud product: AI Platform Data Labeling cves: @@ -38783,7 +38783,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gradle product: Gradle Enterprise cves: @@ -38814,7 +38814,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gradle product: Gradle Enterprise Build Cache Node cves: @@ -38845,7 +38845,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gradle product: Gradle Enterprise Test Distribution Agent cves: @@ -38876,7 +38876,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Grafana product: '' cves: @@ -38906,7 +38906,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Grandstream product: '' cves: @@ -38936,7 +38936,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravitee product: Access Management cves: @@ -38967,7 +38967,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravitee product: Access Management cves: @@ -38998,7 +38998,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravitee product: API Management cves: @@ -39029,7 +39029,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravitee product: API Management cves: @@ -39060,7 +39060,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -39091,7 +39091,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -39122,7 +39122,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravitee product: Cockpit cves: @@ -39153,7 +39153,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravitee.io product: '' cves: @@ -39183,7 +39183,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Gravwell product: '' cves: @@ -39213,7 +39213,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Graylog product: Graylog Server cves: @@ -39244,7 +39244,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: GreenShot product: '' cves: @@ -39274,7 +39274,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: GSA product: Cloud.gov cves: @@ -39334,7 +39334,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HAProxy product: '' cves: @@ -39364,7 +39364,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HarmanPro AMX product: '' cves: @@ -39394,7 +39394,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Boundary cves: @@ -39424,7 +39424,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Consul cves: @@ -39454,7 +39454,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Consul Enterprise cves: @@ -39484,7 +39484,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Nomad cves: @@ -39514,7 +39514,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Nomad Enterprise cves: @@ -39544,7 +39544,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Packer cves: @@ -39574,7 +39574,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Terraform cves: @@ -39604,7 +39604,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Terraform Enterprise cves: @@ -39634,7 +39634,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Vagrant cves: @@ -39664,7 +39664,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Vault cves: @@ -39694,7 +39694,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Vault Enterprise cves: @@ -39724,7 +39724,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HashiCorp product: Waypoint cves: @@ -39754,7 +39754,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HCL Software product: BigFix Compliance cves: @@ -40001,7 +40001,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HENIX product: Squash TM cves: @@ -40064,7 +40064,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Hikvision product: '' cves: @@ -40094,7 +40094,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Hitachi Energy product: eSOMS cves: @@ -40124,7 +40124,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Hitachi Vantara product: '' cves: @@ -40154,7 +40154,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Honeywell product: '' cves: @@ -40184,7 +40184,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:53+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: HP product: Teradici Cloud Access Controller cves: @@ -44758,7 +44758,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Hubspot product: '' cves: @@ -44788,7 +44788,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: I-Net software product: '' cves: @@ -44818,7 +44818,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: I2P product: '' cves: @@ -44848,7 +44848,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: IBA-AG product: '' cves: @@ -44878,7 +44878,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: Ibexa product: '' cves: @@ -44908,7 +44908,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: IBM product: BigFix Compliance cves: @@ -44937,7 +44937,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: IBM product: BigFix Inventory cves: @@ -44969,7 +44969,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:02+00:00' - vendor: IBM product: Analytics Engine cves: @@ -48093,7 +48093,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: IBM product: Mass Data Migration cves: @@ -48724,7 +48724,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: IBM product: Robotic Process Automation cves: @@ -48933,7 +48933,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: IBM product: Spectrum Archive Library Edition cves: @@ -50643,7 +50643,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: IGEL product: '' cves: @@ -50673,7 +50673,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Ignite Realtime product: '' cves: @@ -50703,7 +50703,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: iGrafx product: '' cves: @@ -50733,7 +50733,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Illuminated Cloud product: '' cves: @@ -50763,7 +50763,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Illumio product: C-VEN cves: @@ -51183,7 +51183,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Imperva product: '' cves: @@ -51213,7 +51213,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Inductive Automation product: '' cves: @@ -51243,7 +51243,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: IndustrialDefender product: '' cves: @@ -51273,7 +51273,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: infinidat product: '' cves: @@ -51303,7 +51303,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: InfluxData product: '' cves: @@ -51333,7 +51333,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Infoblox product: '' cves: @@ -51363,7 +51363,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Informatica product: '' cves: @@ -51393,7 +51393,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Instana product: '' cves: @@ -51423,7 +51423,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Instructure product: '' cves: @@ -51453,7 +51453,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Intel product: Audio Development Kit cves: @@ -51846,7 +51846,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Intland product: codebeamer cves: @@ -51879,7 +51879,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: IPRO product: Netgovern cves: @@ -51908,7 +51908,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: iRedMail product: '' cves: @@ -51938,7 +51938,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Ironnet product: '' cves: @@ -51968,7 +51968,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: ISLONLINE product: '' cves: @@ -51998,7 +51998,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Ivanti product: '' cves: @@ -52028,7 +52028,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jamasoftware product: '' cves: @@ -52058,7 +52058,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jamf product: Jamf Pro cves: @@ -52089,7 +52089,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jaspersoft product: '' cves: @@ -52119,7 +52119,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jedox product: '' cves: @@ -52149,7 +52149,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jenkins product: CI/CD Core cves: @@ -52178,7 +52178,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jenkins product: Plugins cves: @@ -52241,7 +52241,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek) @@ -52273,7 +52273,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: ToolBox cves: @@ -52304,7 +52304,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: TeamCity cves: @@ -52335,7 +52335,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: Hub cves: @@ -52366,7 +52366,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: YouTrack Standalone cves: @@ -52397,7 +52397,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: YouTrack InCloud cves: @@ -52428,7 +52428,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: Datalore cves: @@ -52459,7 +52459,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: Space cves: @@ -52490,7 +52490,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jetbrains product: Code With Me cves: @@ -52521,7 +52521,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: Gateway cves: @@ -52552,7 +52552,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: Kotlin cves: @@ -52583,7 +52583,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: Ktor cves: @@ -52614,7 +52614,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: MPS cves: @@ -52645,7 +52645,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: Floating license server cves: @@ -52676,7 +52676,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JetBrains product: UpSource cves: @@ -52707,7 +52707,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: JFROG product: '' cves: @@ -52737,7 +52737,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jitsi product: '' cves: @@ -52767,7 +52767,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jitterbit product: '' cves: @@ -52797,7 +52797,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: jPOS product: (ISO-8583) bridge cves: @@ -52828,7 +52828,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Johnson Controls product: C•CURE‐9000 cves: @@ -53726,7 +53726,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Jump Desktop product: '' cves: @@ -53756,7 +53756,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Juniper Networks product: '' cves: @@ -53786,7 +53786,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Justice Systems product: '' cves: @@ -53816,7 +53816,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: K15t product: '' cves: @@ -53846,7 +53846,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: K6 product: '' cves: @@ -53876,7 +53876,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Karakun product: '' cves: @@ -53906,7 +53906,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Kaseya product: '' cves: @@ -53936,7 +53936,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Keeper Security product: '' cves: @@ -53966,7 +53966,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: KEMP product: '' cves: @@ -53996,7 +53996,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: KEMP 2 product: '' cves: @@ -54026,7 +54026,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Kofax product: '' cves: @@ -54056,7 +54056,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Konica Minolta product: '' cves: @@ -54086,7 +54086,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Kronos UKG product: '' cves: @@ -54116,7 +54116,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Kyberna product: '' cves: @@ -54146,7 +54146,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: L-Soft product: '' cves: @@ -54176,7 +54176,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: L3Harris Geospatial product: '' cves: @@ -54206,7 +54206,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Lancom Systems product: '' cves: @@ -54236,7 +54236,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Lansweeper product: '' cves: @@ -54266,7 +54266,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Laserfiche product: '' cves: @@ -54296,7 +54296,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LastPass product: '' cves: @@ -54326,7 +54326,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LaunchDarkly product: '' cves: @@ -54356,7 +54356,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Leanix product: '' cves: @@ -54386,7 +54386,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:54+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Leica BIOSYSTEMS product: Aperio AT2 cves: @@ -56641,7 +56641,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Let's Encrypt product: '' cves: @@ -56671,7 +56671,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LibreNMS product: '' cves: @@ -56701,7 +56701,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LifeRay product: '' cves: @@ -56731,7 +56731,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LifeSize product: '' cves: @@ -56761,7 +56761,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Lightbend product: '' cves: @@ -56791,7 +56791,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Lime CRM product: '' cves: @@ -56821,7 +56821,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LIONGARD product: '' cves: @@ -56851,7 +56851,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LiquidFiles product: '' cves: @@ -56881,7 +56881,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LiveAction product: '' cves: @@ -56911,7 +56911,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Loftware product: '' cves: @@ -56941,7 +56941,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LOGalyze product: SIEM & log analyzer tool cves: @@ -57004,7 +57004,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LogicMonitor product: LogicMonitor Platform cves: @@ -57034,7 +57034,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LogMeIn product: '' cves: @@ -57064,7 +57064,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LogRhythm product: '' cves: @@ -57094,7 +57094,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Looker product: Looker cves: @@ -57130,7 +57130,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: LucaNet product: '' cves: @@ -57160,7 +57160,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Lucee product: '' cves: @@ -57190,7 +57190,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Lyrasis product: Fedora Repository cves: @@ -57255,7 +57255,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Maltego product: '' cves: @@ -57285,7 +57285,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: ManageEngine product: Servicedesk Plus cves: @@ -57376,7 +57376,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: ManageEngine Zoho product: ADManager Plus cves: @@ -57778,7 +57778,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: MathWorks product: All MathWorks general release desktop or server products cves: @@ -57808,7 +57808,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: MathWorks product: MATLAB cves: @@ -57869,7 +57869,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Matomo product: '' cves: @@ -57899,7 +57899,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Mattermost FocalBoard product: '' cves: @@ -57929,7 +57929,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: McAfee product: Data Exchange Layer (DXL) Client cves: @@ -58836,7 +58836,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Meltano product: Meltano cves: @@ -58866,7 +58866,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Memurai product: '' cves: @@ -58896,7 +58896,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: MicroFocus product: '' cves: @@ -58926,7 +58926,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Microsoft product: Azure Application Gateway cves: @@ -58956,7 +58956,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Microsoft product: Azure API Gateway cves: @@ -58986,7 +58986,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:03+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -59017,7 +59017,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -59048,7 +59048,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Microsoft product: Azure DevOps Server cves: @@ -59079,7 +59079,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Microsoft product: Azure DevOps cves: @@ -59109,7 +59109,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Microsoft product: Azure Traffic Manager cves: @@ -59139,7 +59139,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Microsoft product: Team Foundation Server cves: @@ -59170,7 +59170,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Microstrategy product: '' cves: @@ -59200,7 +59200,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Midori Global product: '' cves: @@ -59230,7 +59230,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Mikrotik product: '' cves: @@ -59260,7 +59260,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Milestone sys product: '' cves: @@ -59290,7 +59290,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Mimecast product: '' cves: @@ -59320,7 +59320,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Minecraft product: '' cves: @@ -59350,7 +59350,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Mirantis product: '' cves: @@ -59380,7 +59380,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Miro product: '' cves: @@ -59410,7 +59410,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Mitel product: '' cves: @@ -59440,7 +59440,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: MobileIron product: Core cves: @@ -59612,7 +59612,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: MongoDB product: MongoDB Atlas Search cves: @@ -59642,7 +59642,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: MongoDB product: MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) @@ -59673,7 +59673,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: MongoDB product: MongoDB Drivers cves: @@ -59703,7 +59703,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: MongoDB product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) @@ -59734,7 +59734,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: MongoDB product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) cves: @@ -59764,7 +59764,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: MongoDB product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) @@ -59795,7 +59795,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Moodle product: '' cves: @@ -59825,7 +59825,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: MoogSoft product: '' cves: @@ -59855,7 +59855,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Motorola Avigilon product: '' cves: @@ -59885,7 +59885,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Mulesoft product: '' cves: @@ -59916,7 +59916,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Mulesoft product: Mule Runtime cves: @@ -60074,7 +60074,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nagios product: '' cves: @@ -60104,7 +60104,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: NAKIVO product: '' cves: @@ -60134,7 +60134,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Neo4j product: Neo4j Graph Database cves: @@ -60195,7 +60195,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Netcup product: '' cves: @@ -60225,7 +60225,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: NetGate PFSense product: '' cves: @@ -60255,7 +60255,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Netwrix product: '' cves: @@ -60285,7 +60285,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: New Relic product: Containerized Private Minion (CPM) cves: @@ -60379,7 +60379,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nextflow product: Nextflow cves: @@ -60440,7 +60440,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: NI (National Instruments) product: '' cves: @@ -60470,7 +60470,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nice Software (AWS) EnginFRAME product: '' cves: @@ -60500,7 +60500,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: NinjaRMM product: '' cves: @@ -60531,7 +60531,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nomachine product: '' cves: @@ -60561,7 +60561,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: NoviFlow product: '' cves: @@ -60591,7 +60591,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nulab product: Backlog cves: @@ -60622,7 +60622,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nulab product: Backlog Enterprise (On-premises) cves: @@ -60653,7 +60653,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nulab product: Cacoo cves: @@ -60684,7 +60684,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nulab product: Cacoo Enterprise (On-premises) cves: @@ -60715,7 +60715,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nulab product: Typetalk cves: @@ -60746,7 +60746,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Nutanix product: AHV cves: @@ -61854,7 +61854,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: NXLog product: '' cves: @@ -61884,7 +61884,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Objectif Lune product: '' cves: @@ -61914,7 +61914,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OCLC product: '' cves: @@ -61944,7 +61944,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Octopus product: '' cves: @@ -61974,7 +61974,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Okta product: Advanced Server Access cves: @@ -62336,7 +62336,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Opengear product: '' cves: @@ -62366,7 +62366,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OpenMRS TALK product: '' cves: @@ -62396,7 +62396,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OpenNMS product: '' cves: @@ -62426,7 +62426,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OpenSearch product: '' cves: @@ -62456,7 +62456,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OpenText product: '' cves: @@ -62518,6 +62518,73 @@ software: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' + - vendor: Oracle + product: Exadata + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <21.3.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.oracle.com/security-alerts/alert-cve-2021-44228.html + notes: Patch status and other security guidance is restricted to Oracle account/support + members. The support document is available to customers only and has not been + reviewed by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' + - vendor: Oracle + product: Enterprise Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '13.5' + - 13.4 & 13.3.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.oracle.com/security-alerts/alert-cve-2021-44228.html + notes: Patch status and other security guidance is restricted to Oracle account/support + members. The support document is available to customers only and has not been + reviewed by CISA. + references: + - '' + reporter: cisagov + last_updated: '2021-12-17T00:00:00' - vendor: Orgavision product: '' cves: @@ -62547,7 +62614,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Osirium product: PAM cves: @@ -62577,7 +62644,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Osirium product: PEM cves: @@ -62607,7 +62674,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Osirium product: PPA cves: @@ -62637,7 +62704,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OTRS product: '' cves: @@ -62667,7 +62734,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OVHCloud product: '' cves: @@ -62697,7 +62764,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OwnCloud product: '' cves: @@ -62727,7 +62794,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: OxygenXML product: Author cves: @@ -63243,7 +63310,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Palo-Alto Networks-OS for Panorama cves: @@ -63308,7 +63375,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Cortex Data Lake cves: @@ -63338,7 +63405,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Cortex Xpanse cves: @@ -63368,7 +63435,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Cortex XDR Agent cves: @@ -63398,7 +63465,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Cortex XSOAR cves: @@ -63428,7 +63495,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Expedition cves: @@ -63458,7 +63525,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: IoT Security cves: @@ -63488,7 +63555,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: GlobalProtect App cves: @@ -63518,7 +63585,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Palo-Alto Networks-OS for Firewall and Wildfire cves: @@ -63548,7 +63615,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Prisma Access cves: @@ -63578,7 +63645,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Prisma Cloud cves: @@ -63608,7 +63675,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Prisma Cloud Compute cves: @@ -63638,7 +63705,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: Okyo Grade cves: @@ -63668,7 +63735,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: SaaS Security cves: @@ -63698,7 +63765,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: WildFire Appliance cves: @@ -63728,7 +63795,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: WildFire Cloud cves: @@ -63758,7 +63825,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Palo-Alto Networks product: User-ID Agent cves: @@ -63788,7 +63855,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Panopto product: '' cves: @@ -63818,7 +63885,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: PaperCut product: PaperCut MF cves: @@ -63914,7 +63981,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Parse.ly product: '' cves: @@ -63944,7 +64011,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: PBXMonitor product: RMM for 3CX PBX cves: @@ -64005,7 +64072,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pentaho product: '' cves: @@ -64035,7 +64102,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pepperl+Fuchs product: '' cves: @@ -64095,7 +64162,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pexip product: '' cves: @@ -64125,7 +64192,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Phenix Id product: '' cves: @@ -64155,7 +64222,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Philips product: Multiple products cves: @@ -64185,7 +64252,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: PHOENIX CONTACT product: Physical products containing firmware cves: @@ -64489,7 +64556,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Planmeca product: '' cves: @@ -64519,7 +64586,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Planon Software product: '' cves: @@ -64550,7 +64617,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Platform.SH product: '' cves: @@ -64580,7 +64647,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Plesk product: '' cves: @@ -64610,7 +64677,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Plex product: Plex Industrial IoT cves: @@ -64671,7 +64738,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Portainer product: '' cves: @@ -64701,7 +64768,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: PortSwigger product: '' cves: @@ -64731,7 +64798,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: PostGreSQL product: '' cves: @@ -64761,7 +64828,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Postman product: '' cves: @@ -64791,7 +64858,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Power Admin LLC product: PA File Sight cves: @@ -64911,7 +64978,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: PrimeKey product: '' cves: @@ -64941,7 +65008,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Progress / IpSwitch product: '' cves: @@ -64971,7 +65038,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: ProofPoint product: '' cves: @@ -65002,7 +65069,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: ProSeS product: '' cves: @@ -65032,7 +65099,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Prosys product: '' cves: @@ -65062,7 +65129,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Proxmox product: '' cves: @@ -65092,7 +65159,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: PRTG Paessler product: '' cves: @@ -65122,7 +65189,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: PTC product: Axeda Platform cves: @@ -65253,7 +65320,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Ivanti Connect Secure (ICS) cves: @@ -65283,7 +65350,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Ivanti Neurons for secure Access cves: @@ -65313,7 +65380,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Ivanti Neurons for ZTA cves: @@ -65343,7 +65410,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse Connect Secure cves: @@ -65373,7 +65440,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse Desktop Client cves: @@ -65403,7 +65470,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse Mobile Client cves: @@ -65433,7 +65500,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse One cves: @@ -65463,7 +65530,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse Policy Secure cves: @@ -65493,7 +65560,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse Secure Services Director cves: @@ -65523,7 +65590,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse Secure Virtual Traffic Manager cves: @@ -65553,7 +65620,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse Secure Web Application Firewall cves: @@ -65583,7 +65650,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Pulse ZTA cves: @@ -65613,7 +65680,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Puppet product: '' cves: @@ -65643,7 +65710,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pure Storage product: '' cves: @@ -65674,7 +65741,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Ivanti Neurons for ZTA cves: @@ -65704,7 +65771,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pulse Secure product: Ivanti Neurons for secure Access cves: @@ -65734,7 +65801,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Pure Storage product: FlashBlade cves: @@ -65925,7 +65992,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: QF-Test product: '' cves: @@ -65955,7 +66022,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Qlik product: '' cves: @@ -65985,7 +66052,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:55+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: QMATIC product: Orchestra Central cves: @@ -66139,7 +66206,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: QOPPA product: '' cves: @@ -66169,7 +66236,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: QSC Q-SYS product: '' cves: @@ -66199,7 +66266,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: QT product: '' cves: @@ -66229,7 +66296,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Quest Global product: '' cves: @@ -66259,7 +66326,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: R product: R cves: @@ -66320,7 +66387,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Radware product: '' cves: @@ -66350,7 +66417,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Rapid7 product: AlcidekArt, kAdvisor, and kAudit cves: @@ -67134,7 +67201,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Ravelin product: '' cves: @@ -67164,7 +67231,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:04+00:00' - vendor: Real-Time Innovations (RTI) product: Distributed Logger cves: @@ -68299,7 +68366,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RedGate product: '' cves: @@ -68329,7 +68396,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: ResMed product: myAir cves: @@ -68419,7 +68486,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Reiner SCT product: '' cves: @@ -68449,7 +68516,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: ReportURI product: '' cves: @@ -68479,7 +68546,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Respondus product: '' cves: @@ -68510,7 +68577,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Revenera / Flexera product: '' cves: @@ -68540,7 +68607,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Ricoh product: '' cves: @@ -68570,7 +68637,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RingCentral product: '' cves: @@ -68600,7 +68667,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Riverbed product: '' cves: @@ -68630,7 +68697,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Rockwell Automation product: FactoryTalk Analytics DataFlowML cves: @@ -68853,7 +68920,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Rosette.com product: '' cves: @@ -68883,7 +68950,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RSA product: SecurID Authentication Manager cves: @@ -68912,7 +68979,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RSA product: SecurID Authentication Manager Prime cves: @@ -68941,7 +69008,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RSA product: SecurID Authentication Manager WebTier cves: @@ -68970,7 +69037,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RSA product: SecurID Governance and Lifecycle cves: @@ -68999,7 +69066,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RSA product: SecurID Governance and Lifecycle Cloud cves: @@ -69028,7 +69095,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RSA product: SecurID Identity Router cves: @@ -69057,7 +69124,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: RSA Netwitness product: '' cves: @@ -69087,7 +69154,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Rstudioapi product: Rstudioapi cves: @@ -69149,7 +69216,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Ruckus product: Virtual SmartZone (vSZ) cves: @@ -69210,7 +69277,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: PagerDuty product: PagerDuty SaaS cves: @@ -69274,7 +69341,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SAE-IT product: '' cves: @@ -69304,7 +69371,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SAFE FME Server product: '' cves: @@ -69334,7 +69401,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SAGE product: '' cves: @@ -69364,7 +69431,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SailPoint product: '' cves: @@ -69395,7 +69462,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Salesforce product: Analytics Cloud cves: @@ -70080,7 +70147,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SAP product: '' cves: @@ -70203,7 +70270,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SASSAFRAS product: '' cves: @@ -70233,7 +70300,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Savignano software solutions product: '' cves: @@ -70263,7 +70330,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SBT product: SBT cves: @@ -70325,7 +70392,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: ScaleFusion MobileLock Pro product: '' cves: @@ -70355,7 +70422,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Schneider Electric product: EcoStruxure IT Gateway cves: @@ -71126,7 +71193,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: ScreenBeam product: '' cves: @@ -71156,7 +71223,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SDL worldServer product: '' cves: @@ -71186,7 +71253,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Seagull Scientific product: '' cves: @@ -71216,7 +71283,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SecurePoint product: '' cves: @@ -71246,7 +71313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Security Onion product: '' cves: @@ -71276,7 +71343,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Securonix product: SNYPR Application cves: @@ -71461,7 +71528,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SentinelOne product: '' cves: @@ -71491,7 +71558,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Sentry product: '' cves: @@ -71521,7 +71588,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SEP product: '' cves: @@ -71551,7 +71618,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Server Eye product: '' cves: @@ -71581,7 +71648,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: ServiceNow product: '' cves: @@ -71611,7 +71678,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Shibboleth product: '' cves: @@ -71641,7 +71708,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Shibboleth product: All Products cves: @@ -71703,7 +71770,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Siebel product: '' cves: @@ -71733,7 +71800,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Siemens product: Affected Products cves: @@ -72980,7 +73047,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Signald product: '' cves: @@ -73010,7 +73077,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Silver Peak product: Orchestrator, Silver Peak GMS cves: @@ -73074,7 +73141,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Sitecore product: '' cves: @@ -73104,7 +73171,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Skillable product: '' cves: @@ -73134,7 +73201,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SLF4J product: '' cves: @@ -73164,7 +73231,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Slurm product: Slurm cves: @@ -73225,7 +73292,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SmileCDR product: '' cves: @@ -73255,7 +73322,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Snakemake product: Snakemake cves: @@ -73316,7 +73383,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Snow Software product: Snow Commander cves: @@ -73347,7 +73414,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Snow Software product: VM Access Proxy cves: @@ -73378,7 +73445,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Snowflake product: '' cves: @@ -73408,7 +73475,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Snyk product: Cloud Platform cves: @@ -73438,7 +73505,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Software AG product: '' cves: @@ -73468,7 +73535,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SolarWinds product: Database Performance Analyzer (DPA) cves: @@ -73593,7 +73660,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Sonatype product: All Products cves: @@ -74567,7 +74634,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Spambrella product: '' cves: @@ -74597,7 +74664,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Spigot product: '' cves: @@ -74627,7 +74694,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Splunk product: Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) cves: @@ -75321,7 +75388,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Spring product: Spring Boot cves: @@ -75352,7 +75419,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Spring Boot product: '' cves: @@ -75382,7 +75449,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: StarDog product: '' cves: @@ -75412,7 +75479,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:56+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: STERIS product: Advantage cves: @@ -77002,7 +77069,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Storagement product: '' cves: @@ -77032,7 +77099,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: StormShield product: '' cves: @@ -77062,7 +77129,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: StrangeBee TheHive & Cortex product: '' cves: @@ -77092,7 +77159,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Stratodesk product: '' cves: @@ -77122,7 +77189,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Strimzi product: '' cves: @@ -77152,7 +77219,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Stripe product: '' cves: @@ -77182,7 +77249,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Styra product: '' cves: @@ -77212,7 +77279,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Sumologic product: '' cves: @@ -77242,7 +77309,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SumoLogic product: '' cves: @@ -77272,7 +77339,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Superna EYEGLASS product: '' cves: @@ -77302,7 +77369,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Suprema Inc product: '' cves: @@ -77332,7 +77399,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: SUSE product: '' cves: @@ -77362,7 +77429,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Sweepwidget product: '' cves: @@ -77392,7 +77459,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Swyx product: '' cves: @@ -77422,7 +77489,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:05+00:00' - vendor: Synchro MSP product: '' cves: @@ -77452,7 +77519,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Syncplify product: '' cves: @@ -77482,7 +77549,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Synology product: '' cves: @@ -77512,7 +77579,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Synopsys product: '' cves: @@ -77542,7 +77609,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Syntevo product: '' cves: @@ -77572,7 +77639,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: SysAid product: '' cves: @@ -77602,7 +77669,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Sysdig product: '' cves: @@ -77632,7 +77699,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Tableau product: Tableau Server cves: @@ -77896,7 +77963,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Tanium product: All cves: @@ -77957,7 +78024,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: TeamPasswordManager product: '' cves: @@ -77987,7 +78054,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Teamviewer product: '' cves: @@ -78017,7 +78084,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Tech Software product: OneAegis (f/k/a IRBManager) cves: @@ -78140,7 +78207,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Telestream product: '' cves: @@ -78170,7 +78237,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Tenable product: Tenable.io / Nessus cves: @@ -78201,7 +78268,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Thales product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core cves: @@ -80100,7 +80167,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: ThycoticCentrify product: Secret Server cves: @@ -80378,7 +80445,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Top Gun Technology (TGT) product: '' cves: @@ -80408,7 +80475,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: TopDesk product: '' cves: @@ -80438,7 +80505,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Topicus Security product: Topicus KeyHub cves: @@ -80499,7 +80566,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Tosibox product: '' cves: @@ -80529,7 +80596,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: TPLink product: Omega Controller cves: @@ -80592,7 +80659,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Tricentis Tosca product: '' cves: @@ -80622,7 +80689,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Tripwire product: '' cves: @@ -80652,7 +80719,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Trimble product: eCognition cves: @@ -80712,7 +80779,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Tufin product: '' cves: @@ -80742,7 +80809,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: TYPO3 product: '' cves: @@ -80772,7 +80839,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Ubiquiti product: UniFi Network Application cves: @@ -80803,7 +80870,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Ubiquiti product: UniFi Network Controller cves: @@ -80865,7 +80932,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Umbraco product: '' cves: @@ -80895,7 +80962,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: UniFlow product: '' cves: @@ -80925,7 +80992,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Unify ATOS product: '' cves: @@ -80955,7 +81022,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Unimus product: '' cves: @@ -80985,7 +81052,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: UiPath product: InSights cves: @@ -81046,7 +81113,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: VArmour product: '' cves: @@ -81076,7 +81143,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Varian product: Acuity cves: @@ -82347,7 +82414,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Varonis product: '' cves: @@ -82377,7 +82444,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Veeam product: '' cves: @@ -82407,7 +82474,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Venafi product: '' cves: @@ -82437,7 +82504,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Veritas NetBackup product: '' cves: @@ -82467,7 +82534,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Vertica product: '' cves: @@ -82497,7 +82564,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Viso Trust product: '' cves: @@ -82527,7 +82594,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: VMware product: API Portal for VMware Tanzu cves: @@ -83789,7 +83856,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Wasp Barcode technologies product: '' cves: @@ -83819,7 +83886,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: WatchGuard product: Secplicity cves: @@ -83849,7 +83916,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Western Digital product: '' cves: @@ -83879,7 +83946,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: WIBU Systems product: CodeMeter Keyring for TIA Portal cves: @@ -83971,7 +84038,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: WireShark product: '' cves: @@ -84001,7 +84068,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Wistia product: '' cves: @@ -84031,7 +84098,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: WitFoo product: '' cves: @@ -84061,7 +84128,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: WordPress product: '' cves: @@ -84091,7 +84158,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Worksphere product: '' cves: @@ -84121,7 +84188,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Wowza product: '' cves: @@ -84151,7 +84218,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: WSO2 product: WSO2 Enterprise Integrator cves: @@ -84182,7 +84249,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: XCP-ng product: '' cves: @@ -84212,7 +84279,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: XenForo product: '' cves: @@ -84242,7 +84309,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Xerox product: '' cves: @@ -84272,7 +84339,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: XPertDoc product: '' cves: @@ -84302,7 +84369,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: XPLG product: '' cves: @@ -84332,7 +84399,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: XWIKI product: '' cves: @@ -84362,7 +84429,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Xylem product: Aquatalk cves: @@ -84878,7 +84945,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: YellowFin product: '' cves: @@ -84908,7 +84975,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: YOKOGAWA product: '' cves: @@ -84968,7 +85035,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zabbix product: '' cves: @@ -84998,7 +85065,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: ZAMMAD product: '' cves: @@ -85028,7 +85095,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zaproxy product: '' cves: @@ -85058,7 +85125,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zebra product: '' cves: @@ -85088,7 +85155,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zendesk product: All Products cves: @@ -85151,7 +85218,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zentera Systems, Inc. product: CoIP Access Platform cves: @@ -85212,7 +85279,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zesty product: '' cves: @@ -85242,7 +85309,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zimbra product: '' cves: @@ -85272,7 +85339,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zix product: '' cves: @@ -85332,7 +85399,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: ZPE systems Inc product: '' cves: @@ -85362,7 +85429,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zscaler product: See Link (Multiple Products) cves: @@ -85422,7 +85489,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-29T20:08:57+00:00' + last_updated: '2021-12-30T17:58:06+00:00' - vendor: Zyxel product: Security Firewall/Gateways cves: From 1c1d06ef95821caf31402828c4f1e117cbd8caca Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 30 Dec 2021 14:04:02 -0500 Subject: [PATCH 10/12] Change the list update workflow testing configuration Update the testing branch for the software list update workflow to include the SHA of the commit that triggers the workflow. This should help track down problems if there is a failure in testing/rendering. --- .github/workflows/update_software_list.yml | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/.github/workflows/update_software_list.yml b/.github/workflows/update_software_list.yml index 78bf4f5..4eabb95 100644 --- a/.github/workflows/update_software_list.yml +++ b/.github/workflows/update_software_list.yml @@ -8,15 +8,18 @@ on: env: PIP_CACHE_DIR: ~/.cache/pip - WORKING_BRANCH_NAME: testing/update_software_list + TESTING_BRANCH_BASE: testing/update_software_list jobs: setup: runs-on: ubuntu-latest outputs: + # Commit author information for git git_author: ${{ steps.git-config.outputs.author }} git_email: ${{ steps.git-config.outputs.email }} git_user: ${{ steps.git-config.outputs.user }} + # The name of the branch used for testing + testing_branch: ${{ steps.testing-branch.outputs.name }} steps: - id: git-config run: | @@ -26,6 +29,11 @@ jobs: env: GIT_EMAIL: ${{ fromJson(secrets.GIT_AUTHOR_INFORMATION).user.email }} GIT_USER: ${{ fromJson(secrets.GIT_AUTHOR_INFORMATION).user.name }} + - id: testing-branch + run: echo "::set-output name=name::$BASE_BRANCH/$COMMIT_SHA" + env: + BASE_BRANCH: ${{ env.TESTING_BRANCH_BASE }} + COMMIT_SHA: ${{ github.sha }} generate_list_update: runs-on: ubuntu-latest needs: setup @@ -59,7 +67,7 @@ jobs: - name: Install dependencies run: pip install --upgrade --requirement config/requirements.txt - name: Create the branch for test validation - run: git switch --create ${{ env.WORKING_BRANCH_NAME }} + run: git switch --create ${{ needs.setup.outputs.testing_branch }} - name: Generate a normalized YAML file run: normalize-yml data/cisagov.yml > normalized.yml - name: Generate a Markdown table from the normalized YAML file @@ -69,7 +77,7 @@ jobs: - id: commit-for-testing uses: stefanzweifel/git-auto-commit-action@v4 with: - branch: ${{ env.WORKING_BRANCH_NAME }} + branch: ${{ needs.setup.outputs.testing_branch }} commit_message: Update the software list commit_user_name: ${{ needs.setup.outputs.git_user }} commit_user_email: ${{ needs.setup.outputs.git_email }} @@ -92,12 +100,12 @@ jobs: - uses: lewagon/wait-on-check-action@v1.0.0 with: check-name: lint - ref: ${{ env.WORKING_BRANCH_NAME }} + ref: ${{ needs.setup.outputs.testing_branch }} repo-token: ${{ github.token }} - name: Merge the testing branch run: | git fetch - git merge origin/${{ env.WORKING_BRANCH_NAME }} + git merge origin/${{ needs.setup.outputs.testing_branch }} git push - name: Cleanup testing branch - run: git push -d origin ${{ env.WORKING_BRANCH_NAME }} + run: git push -d origin ${{ needs.setup.outputs.testing_branch }} From e6aa7c3662a03592d572bd1a8b10ef1b4b0d4175 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 30 Dec 2021 14:07:17 -0500 Subject: [PATCH 11/12] Update cisagov YAML with the latest software list contents --- data/cisagov.yml | 1964 +++++++++++++++++++++++----------------------- 1 file changed, 982 insertions(+), 982 deletions(-) diff --git a/data/cisagov.yml b/data/cisagov.yml index 4887476..83b595c 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -60,7 +60,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: 3CX product: '' cves: @@ -90,7 +90,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: 3M Health Information Systems product: CGS cves: @@ -151,7 +151,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: ABB product: '' cves: @@ -181,7 +181,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: ABB product: ABB Remote Service cves: @@ -211,7 +211,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: ABB product: AlarmInsight Cloud cves: @@ -241,7 +241,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: ABB product: B&R Products cves: @@ -272,7 +272,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Abbott product: '' cves: @@ -332,7 +332,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Accellence product: '' cves: @@ -362,7 +362,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Accellion product: Kiteworks cves: @@ -428,7 +428,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Acronis product: '' cves: @@ -458,7 +458,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: ActiveState product: '' cves: @@ -488,7 +488,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Adaptec product: '' cves: @@ -518,7 +518,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Addigy product: '' cves: @@ -548,7 +548,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Adeptia product: '' cves: @@ -578,7 +578,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Adobe ColdFusion product: '' cves: @@ -608,7 +608,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: ADP product: '' cves: @@ -638,7 +638,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFAS Software product: '' cves: @@ -668,7 +668,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANsuite cves: @@ -699,7 +699,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANServer cves: @@ -730,7 +730,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANcart cves: @@ -761,7 +761,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANweb cves: @@ -792,7 +792,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANmobile cves: @@ -823,7 +823,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANupdate cves: @@ -854,7 +854,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Agilysys product: '' cves: @@ -884,7 +884,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Advanced Systems Concepts (formally Jscape) product: Active MFT cves: @@ -1069,7 +1069,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Alertus product: '' cves: @@ -1099,7 +1099,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Alexion product: '' cves: @@ -1129,7 +1129,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Alfresco product: '' cves: @@ -1159,7 +1159,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AlienVault product: '' cves: @@ -1189,7 +1189,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Alphatron Medical product: '' cves: @@ -1219,7 +1219,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: Athena cves: @@ -1249,7 +1249,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: AWS cves: @@ -1345,7 +1345,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: AWS Connect cves: @@ -1409,7 +1409,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: AWS DynamoDB cves: @@ -1763,7 +1763,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: CloudFront cves: @@ -1793,7 +1793,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: CloudWatch cves: @@ -1823,7 +1823,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: EC2 cves: @@ -1884,7 +1884,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: KMS cves: @@ -1914,7 +1914,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: OpenSearch cves: @@ -1945,7 +1945,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: RDS cves: @@ -1975,7 +1975,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: Route 53 cves: @@ -2005,7 +2005,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: S3 cves: @@ -2035,7 +2035,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: Translate cves: @@ -2065,7 +2065,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: VPC cves: @@ -2095,7 +2095,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AMD product: All cves: @@ -2223,7 +2223,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apache product: Camel cves: @@ -2573,7 +2573,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apache product: Log4j cves: @@ -2604,7 +2604,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apache product: Solr cves: @@ -2740,7 +2740,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apereo product: Opencast cves: @@ -2772,7 +2772,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Application Performance Ltd product: DBMarlin cves: @@ -2832,7 +2832,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apollo product: '' cves: @@ -2862,7 +2862,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Appdynamics product: '' cves: @@ -2892,7 +2892,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Appeon product: PowerBuilder cves: @@ -2952,7 +2952,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Appian product: Appian Platform cves: @@ -3043,7 +3043,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Aptible product: Aptible cves: @@ -3074,7 +3074,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: APC by Schneider Electric product: Powerchute Business Edition cves: @@ -3173,7 +3173,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Arbiter Systems product: All cves: @@ -3233,7 +3233,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Arcserve product: Arcserve Backup cves: @@ -3511,7 +3511,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Arduino product: '' cves: @@ -3541,7 +3541,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Ariba product: '' cves: @@ -3571,7 +3571,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Arista product: '' cves: @@ -3601,7 +3601,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Aruba Networks product: '' cves: @@ -3631,7 +3631,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Ataccama product: '' cves: @@ -3661,7 +3661,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atera product: '' cves: @@ -3691,7 +3691,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Bamboo Server & Data Center cves: @@ -3723,7 +3723,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Bitbucket Server & Data Center cves: @@ -3755,7 +3755,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Confluence Server & Data Center cves: @@ -3787,7 +3787,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Crowd Server & Data Center cves: @@ -3819,7 +3819,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Crucible cves: @@ -3851,7 +3851,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Fisheye cves: @@ -3883,7 +3883,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Jira Server & Data Center cves: @@ -3915,7 +3915,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Attivo networks product: '' cves: @@ -3945,7 +3945,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AudioCodes product: '' cves: @@ -3975,7 +3975,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Autodesk product: '' cves: @@ -4042,7 +4042,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Autopsy product: '' cves: @@ -4072,7 +4072,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Auvik product: '' cves: @@ -4102,7 +4102,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Avantra SYSLINK product: '' cves: @@ -4132,7 +4132,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Avaya product: Avaya Analytics cves: @@ -5123,7 +5123,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AVM product: '' cves: @@ -5153,7 +5153,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AvTech RoomAlert product: '' cves: @@ -5183,7 +5183,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AWS New product: '' cves: @@ -5213,7 +5213,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AXON product: '' cves: @@ -5243,7 +5243,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: AXS Guard product: '' cves: @@ -5273,7 +5273,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: Axways Applications product: '' cves: @@ -5303,7 +5303,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:26+00:00' - vendor: B&R Industrial Automation product: APROL cves: @@ -5393,7 +5393,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Balbix product: '' cves: @@ -5423,7 +5423,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Baramundi Products product: '' cves: @@ -5453,7 +5453,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Barco product: '' cves: @@ -5483,7 +5483,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Barracuda product: '' cves: @@ -5513,7 +5513,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BBraun product: Outlook® Safety Infusion System Pump family cves: @@ -6444,7 +6444,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) product: '' @@ -6475,7 +6475,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BeyondTrust product: Privilege Management Cloud cves: @@ -6598,7 +6598,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BisectHosting product: '' cves: @@ -6628,7 +6628,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BitDefender product: '' cves: @@ -6658,7 +6658,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BitNami By VMware product: '' cves: @@ -6688,7 +6688,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BitRise product: '' cves: @@ -6718,7 +6718,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Bitwarden product: '' cves: @@ -6748,7 +6748,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Biztory product: Fivetran cves: @@ -6778,7 +6778,7 @@ software: references: - Vendor review indicated Fivetran is not vulnerable to Log4j2 reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Black Kite product: '' cves: @@ -6808,7 +6808,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Blancco product: '' cves: @@ -6838,7 +6838,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Blumira product: '' cves: @@ -6868,7 +6868,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Bladelogic Database Automation cves: @@ -6898,7 +6898,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC AMI Ops cves: @@ -6928,7 +6928,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC AMI Products cves: @@ -6958,7 +6958,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Compuware cves: @@ -6988,7 +6988,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Automation Console cves: @@ -7018,7 +7018,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Business Workflows cves: @@ -7048,7 +7048,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Client Management cves: @@ -7078,7 +7078,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Cloud Cost cves: @@ -7108,7 +7108,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Cloud Security cves: @@ -7138,7 +7138,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix CMDB cves: @@ -7168,7 +7168,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Continuous Optimization cves: @@ -7198,7 +7198,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Control-M cves: @@ -7228,7 +7228,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Digital Workplace cves: @@ -7258,7 +7258,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Discovery cves: @@ -7288,7 +7288,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix ITSM cves: @@ -7318,7 +7318,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Knowledge Management cves: @@ -7348,7 +7348,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Operations Management with AIOps cves: @@ -7378,7 +7378,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Platform cves: @@ -7408,7 +7408,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix platform cves: @@ -7438,7 +7438,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Remediate cves: @@ -7468,7 +7468,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Remediate cves: @@ -7498,7 +7498,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Remedyforce cves: @@ -7528,7 +7528,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Virtual Agent cves: @@ -7558,7 +7558,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Cloud Lifecycle Management cves: @@ -7588,7 +7588,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:58+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Control-M cves: @@ -7618,7 +7618,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Footprints cves: @@ -7648,7 +7648,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: MainView Middleware Administrator cves: @@ -7678,7 +7678,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: MainView Middleware Monitor cves: @@ -7708,7 +7708,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Remedy ITSM (IT Service Management) cves: @@ -7738,7 +7738,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: SmartIT cves: @@ -7768,7 +7768,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Track-It! cves: @@ -7798,7 +7798,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Automation for Networks cves: @@ -7828,7 +7828,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Automation for Servers cves: @@ -7858,7 +7858,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Capacity Optimization cves: @@ -7888,7 +7888,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Infrastructure Management cves: @@ -7918,7 +7918,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Operations Management cves: @@ -7948,7 +7948,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Orchestration cves: @@ -7978,7 +7978,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Boston Scientific product: '' cves: @@ -8068,7 +8068,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Brainworks product: '' cves: @@ -8098,7 +8098,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: BrightSign product: '' cves: @@ -8128,7 +8128,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Advanced Secure Gateway (ASG) cves: @@ -8158,7 +8158,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Automic Automation cves: @@ -8188,7 +8188,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: BCAAA cves: @@ -8218,7 +8218,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: CA Advanced Authentication cves: @@ -8248,7 +8248,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: CA Risk Authentication cves: @@ -8277,7 +8277,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: CA Strong Authentication cves: @@ -8306,7 +8306,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Cloud Workload Protection (CWP) cves: @@ -8336,7 +8336,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Cloud Workload Protection for Storage (CWP:S) cves: @@ -8366,7 +8366,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: CloudSOC Cloud Access Security Broker (CASB) cves: @@ -8396,7 +8396,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Content Analysis (CA) cves: @@ -8426,7 +8426,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Critical System Protection (CSP) cves: @@ -8456,7 +8456,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Data Center Security (DCS) cves: @@ -8486,7 +8486,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Data Loss Prevention (DLP) cves: @@ -8516,7 +8516,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Email Security Service (ESS) cves: @@ -8546,7 +8546,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Ghost Solution Suite (GSS) cves: @@ -8576,7 +8576,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: HSM Agent cves: @@ -8606,7 +8606,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Industrial Control System Protection (ICSP) cves: @@ -8636,7 +8636,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Integrated Cyber Defense Manager (ICDm) cves: @@ -8666,7 +8666,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Integrated Secure Gateway (ISG) cves: @@ -8696,7 +8696,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: IT Management Suite cves: @@ -8726,7 +8726,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Layer7 API Developer Portal cves: @@ -8756,7 +8756,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Layer7 API Gateway cves: @@ -8786,7 +8786,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Layer7 Mobile API Gateway cves: @@ -8816,7 +8816,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Management Center (MC) cves: @@ -8846,7 +8846,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: PacketShaper (PS) S-Series cves: @@ -8876,7 +8876,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: PolicyCenter (PC) S-Series cves: @@ -8906,7 +8906,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Privileged Access Manager cves: @@ -8936,7 +8936,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Privileged Access Manager Server Control cves: @@ -8966,7 +8966,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Privileged Identity Manager cves: @@ -8996,7 +8996,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: ProxySG cves: @@ -9026,7 +9026,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Reporter cves: @@ -9056,7 +9056,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Secure Access Cloud (SAC) cves: @@ -9086,7 +9086,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Security Analytics (SA) cves: @@ -9116,7 +9116,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: SiteMinder (CA Single Sign-On) cves: @@ -9146,7 +9146,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: SSL Visibility (SSLV) cves: @@ -9176,7 +9176,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Control Compliance Suite (CCS) cves: @@ -9206,7 +9206,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Directory cves: @@ -9236,7 +9236,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Detection and Response (EDR) cves: @@ -9266,7 +9266,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Encryption (SEE) cves: @@ -9296,7 +9296,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Protection (SEP) cves: @@ -9326,7 +9326,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Protection (SEP) for Mobile cves: @@ -9356,7 +9356,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Protection Manager (SEPM) cves: @@ -9387,7 +9387,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Identity Governance and Administration (IGA) cves: @@ -9417,7 +9417,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Mail Security for Microsoft Exchange (SMSMSE) cves: @@ -9447,7 +9447,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Messaging Gateway (SMG) cves: @@ -9477,7 +9477,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec PGP Solutions cves: @@ -9507,7 +9507,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Protection Engine (SPE) cves: @@ -9537,7 +9537,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Protection for SharePoint Servers (SPSS) cves: @@ -9567,7 +9567,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: VIP cves: @@ -9597,7 +9597,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: VIP Authentication Hub cves: @@ -9627,7 +9627,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Web Isolation (WI) cves: @@ -9657,7 +9657,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Web Security Service (WSS) cves: @@ -9687,7 +9687,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: WebPulse cves: @@ -9717,7 +9717,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: C4b XPHONE product: '' cves: @@ -9747,7 +9747,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Campbell Scientific product: All cves: @@ -9807,7 +9807,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Canary Labs product: All cves: @@ -10136,7 +10136,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Carestream product: '' cves: @@ -10196,7 +10196,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cato Networks product: '' cves: @@ -10226,7 +10226,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cepheid product: C360 cves: @@ -10316,7 +10316,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Chaser Systems product: discrimiNAT Firewall cves: @@ -10347,7 +10347,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: CloudGuard cves: @@ -10378,7 +10378,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: Harmony Endpoint & Harmony Mobile cves: @@ -10409,7 +10409,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: Infinity Portal cves: @@ -10439,7 +10439,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: Quantum Security Gateway cves: @@ -10470,7 +10470,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: Quantum Security Management cves: @@ -10502,7 +10502,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: SMB cves: @@ -10533,7 +10533,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: ThreatCloud cves: @@ -10563,7 +10563,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: CheckMK product: '' cves: @@ -10593,7 +10593,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Ciphermail product: '' cves: @@ -10623,7 +10623,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: CircleCI product: CircleCI cves: @@ -10683,7 +10683,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: AppDynamics cves: @@ -10713,7 +10713,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Common Services Platform Collector cves: @@ -10743,7 +10743,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Network Services Orchestrator (NSO) cves: @@ -10773,7 +10773,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco System Architecture Evolution Gateway (SAEGW) cves: @@ -10803,7 +10803,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco ACI Multi-Site Orchestrator cves: @@ -10833,7 +10833,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco ACI Virtual Edge cves: @@ -10863,7 +10863,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Adaptive Security Appliance (ASA) Software cves: @@ -10893,7 +10893,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Advanced Web Security Reporting Application cves: @@ -10923,7 +10923,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco AMP Virtual Private Cloud Appliance cves: @@ -10953,7 +10953,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco AnyConnect Secure Mobility Client cves: @@ -10983,7 +10983,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Application Policy Infrastructure Controller (APIC) cves: @@ -11013,7 +11013,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco ASR 5000 Series Routers cves: @@ -11043,7 +11043,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Broadcloud Calling cves: @@ -11073,7 +11073,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco BroadWorks cves: @@ -11103,7 +11103,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Catalyst 9800 Series Wireless Controllers cves: @@ -11133,7 +11133,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco CloudCenter Suite Admin cves: @@ -11163,7 +11163,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco CloudCenter Workload Manager cves: @@ -11193,7 +11193,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Cognitive Intelligence cves: @@ -11223,7 +11223,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Computer Telephony Integration Object Server (CTIOS) cves: @@ -11253,7 +11253,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Connected Grid Device Manager cves: @@ -11283,7 +11283,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Connected Mobile Experiences cves: @@ -11313,7 +11313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Connectivity cves: @@ -11343,7 +11343,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Contact Center Domain Manager (CCDM) cves: @@ -11373,7 +11373,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Contact Center Management Portal (CCMP) cves: @@ -11403,7 +11403,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Crosswork Change Automation cves: @@ -11433,7 +11433,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco CX Cloud Agent Software cves: @@ -11463,7 +11463,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Data Center Network Manager (DCNM) cves: @@ -11493,7 +11493,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Defense Orchestrator cves: @@ -11523,7 +11523,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco DNA Assurance cves: @@ -11553,7 +11553,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco DNA Center cves: @@ -11583,7 +11583,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco DNA Spaces cves: @@ -11613,7 +11613,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: DUO network gateway (on-prem/self-hosted) cves: @@ -11642,7 +11642,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Elastic Services Controller (ESC) cves: @@ -11672,7 +11672,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Emergency Responder cves: @@ -11702,7 +11702,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Enterprise Chat and Email cves: @@ -11732,7 +11732,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Enterprise NFV Infrastructure Software (NFVIS) cves: @@ -11762,7 +11762,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Evolved Programmable Network Manager cves: @@ -11792,7 +11792,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Extensible Network Controller (XNC) cves: @@ -11822,7 +11822,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Finesse cves: @@ -11852,7 +11852,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Firepower Management Center cves: @@ -11882,7 +11882,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Firepower Threat Defense (FTD) cves: @@ -11912,7 +11912,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco GGSN Gateway GPRS Support Node cves: @@ -11942,7 +11942,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco HyperFlex System cves: @@ -11972,7 +11972,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Identity Services Engine (ISE) cves: @@ -12002,7 +12002,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Integrated Management Controller (IMC) Supervisor cves: @@ -12032,7 +12032,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Intersight cves: @@ -12062,7 +12062,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Intersight Virtual Appliance cves: @@ -12092,7 +12092,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IOS and IOS XE Software cves: @@ -12122,7 +12122,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) @@ -12153,7 +12153,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IoT Operations Dashboard cves: @@ -12183,7 +12183,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IOx Fog Director cves: @@ -12213,7 +12213,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IP Services Gateway (IPSG) cves: @@ -12243,7 +12243,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Kinetic for Cities cves: @@ -12273,7 +12273,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco MDS 9000 Series Multilayer Switches cves: @@ -12303,7 +12303,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Meeting Server cves: @@ -12333,7 +12333,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco MME Mobility Management Entity cves: @@ -12363,7 +12363,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Modeling Labs cves: @@ -12393,7 +12393,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Network Assessment (CNA) Tool cves: @@ -12423,7 +12423,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Network Assurance Engine cves: @@ -12453,7 +12453,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Network Convergence System 2000 Series cves: @@ -12483,7 +12483,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Network Planner cves: @@ -12513,7 +12513,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 5500 Platform Switches cves: @@ -12543,7 +12543,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 5600 Platform Switches cves: @@ -12573,7 +12573,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 6000 Series Switches cves: @@ -12603,7 +12603,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 7000 Series Switches cves: @@ -12633,7 +12633,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode @@ -12664,7 +12664,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus Dashboard (formerly Cisco Application Services Engine) cves: @@ -12694,7 +12694,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus Data Broker cves: @@ -12724,7 +12724,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus Insights cves: @@ -12754,7 +12754,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Optical Network Planner cves: @@ -12784,7 +12784,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Packaged Contact Center Enterprise cves: @@ -12814,7 +12814,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Paging Server (InformaCast) cves: @@ -12844,7 +12844,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Paging Server cves: @@ -12874,7 +12874,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco PDSN/HA Packet Data Serving Node and Home Agent cves: @@ -12904,7 +12904,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco PGW Packet Data Network Gateway cves: @@ -12934,7 +12934,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Policy Suite cves: @@ -12964,7 +12964,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Central for Service Providers cves: @@ -12994,7 +12994,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Collaboration Manager cves: @@ -13024,7 +13024,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Collaboration Provisioning cves: @@ -13054,7 +13054,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Infrastructure cves: @@ -13084,7 +13084,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime License Manager cves: @@ -13114,7 +13114,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Network cves: @@ -13144,7 +13144,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Optical for Service Providers cves: @@ -13174,7 +13174,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Provisioning cves: @@ -13204,7 +13204,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Service Catalog cves: @@ -13234,7 +13234,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Registered Envelope Service cves: @@ -13264,7 +13264,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 1000 Series Routers cves: @@ -13294,7 +13294,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 2000 Series Routers cves: @@ -13324,7 +13324,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 5000 Series Routers cves: @@ -13354,7 +13354,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge Cloud Router Platform cves: @@ -13384,7 +13384,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vManage cves: @@ -13414,7 +13414,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Secure Network Analytics (SNA), formerly Stealthwatch cves: @@ -13444,7 +13444,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SocialMiner cves: @@ -13474,7 +13474,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:57:59+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco TelePresence Management Suite cves: @@ -13504,7 +13504,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco UCS Director cves: @@ -13534,7 +13534,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco UCS Performance Manager cves: @@ -13564,7 +13564,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Umbrella cves: @@ -13594,7 +13594,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Advanced cves: @@ -13624,7 +13624,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Business Edition cves: @@ -13654,7 +13654,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Department Edition cves: @@ -13684,7 +13684,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Enterprise Edition cves: @@ -13714,7 +13714,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Premium Edition cves: @@ -13744,7 +13744,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Communications Manager Cloud cves: @@ -13774,7 +13774,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise - Live Data server cves: @@ -13804,7 +13804,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise cves: @@ -13834,7 +13834,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Contact Center Express cves: @@ -13864,7 +13864,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Intelligent Contact Management Enterprise cves: @@ -13894,7 +13894,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified SIP Proxy Software cves: @@ -13924,7 +13924,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Video Surveillance Operations Manager cves: @@ -13954,7 +13954,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM cves: @@ -13984,7 +13984,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Virtualized Voice Browser cves: @@ -14014,7 +14014,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Vision Dynamic Signage Director cves: @@ -14044,7 +14044,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco WAN Automation Engine (WAE) cves: @@ -14074,7 +14074,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Web Security Appliance (WSA) cves: @@ -14104,7 +14104,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Webex Cloud-Connected UC (CCUC) cves: @@ -14134,7 +14134,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Webex Meetings Server cves: @@ -14164,7 +14164,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Webex Teams cves: @@ -14194,7 +14194,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Wide Area Application Services (WAAS) cves: @@ -14224,7 +14224,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Duo cves: @@ -14254,7 +14254,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: duo network gateway (on-prem/self-hosted) cves: @@ -14283,7 +14283,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Exony Virtualized Interaction Manager (VIM) cves: @@ -14313,7 +14313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Managed Services Accelerator (MSX) Network Access Control Service cves: @@ -14343,7 +14343,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Citrix product: Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) cves: @@ -14793,7 +14793,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: AM2CM Tool cves: @@ -14823,7 +14823,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Ambari cves: @@ -14855,7 +14855,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Arcadia Enterprise cves: @@ -14886,7 +14886,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDH, HDP, and HDF cves: @@ -14917,7 +14917,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDP Operational Database (COD) cves: @@ -14947,7 +14947,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDP Private Cloud Base cves: @@ -14978,7 +14978,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDS 3 Powered by Apache Spark cves: @@ -15009,7 +15009,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDS 3.2 for GPUs cves: @@ -15040,7 +15040,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Cybersecurity Platform cves: @@ -15071,7 +15071,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -15101,7 +15101,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -15132,7 +15132,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Flow (CFM) cves: @@ -15162,7 +15162,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Science Workbench (CDSW) cves: @@ -15194,7 +15194,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Visualization (CDV) cves: @@ -15224,7 +15224,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -15254,7 +15254,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -15285,7 +15285,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera DataFlow (CDF) cves: @@ -15315,7 +15315,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Edge Management (CEM) cves: @@ -15346,7 +15346,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Enterprise cves: @@ -15377,7 +15377,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Flow Management (CFM) cves: @@ -15408,7 +15408,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -15438,7 +15438,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -15469,7 +15469,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -15501,7 +15501,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -15535,7 +15535,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR)) cves: @@ -15565,7 +15565,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) cves: @@ -15598,7 +15598,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Stream Processing (CSP) cves: @@ -15629,7 +15629,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -15659,7 +15659,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -15689,7 +15689,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Data Analytics Studio (DAS) cves: @@ -15719,7 +15719,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Data Catalog cves: @@ -15749,7 +15749,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Data Lifecycle Manager (DLM) cves: @@ -15779,7 +15779,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Data Steward Studio (DSS) cves: @@ -15810,7 +15810,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Hortonworks Data Flow (HDF) cves: @@ -15840,7 +15840,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Hortonworks Data Platform (HDP) cves: @@ -15873,7 +15873,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Hortonworks DataPlane Platform cves: @@ -15903,7 +15903,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Management Console cves: @@ -15934,7 +15934,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Management Console for CDP Public Cloud cves: @@ -15964,7 +15964,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Replication Manager cves: @@ -15994,7 +15994,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: SmartSense cves: @@ -16024,7 +16024,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Workload Manager cves: @@ -16054,7 +16054,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Workload XM (SaaS) cves: @@ -16084,7 +16084,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Workload XM cves: @@ -16115,7 +16115,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: CloudFlare product: '' cves: @@ -16145,7 +16145,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudian HyperStore product: '' cves: @@ -16175,7 +16175,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudogu product: Ecosystem cves: @@ -16206,7 +16206,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudogu product: SCM-Manager cves: @@ -16236,7 +16236,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudron product: '' cves: @@ -16266,7 +16266,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Clover product: '' cves: @@ -16296,7 +16296,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Code42 product: Code42 App cves: @@ -16390,7 +16390,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Codesys product: '' cves: @@ -16420,7 +16420,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cohesity product: '' cves: @@ -16450,7 +16450,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: CommVault product: '' cves: @@ -16480,7 +16480,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Concourse product: Concourse cves: @@ -16510,7 +16510,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: ConcreteCMS.com product: '' cves: @@ -16540,7 +16540,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: Confluent product: Confluent Cloud cves: @@ -16880,7 +16880,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: ConnectWise product: '' cves: @@ -16910,7 +16910,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:28+00:00' - vendor: ContrastSecurity product: '' cves: @@ -16940,7 +16940,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: ControlUp product: '' cves: @@ -16970,7 +16970,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: COPADATA product: '' cves: @@ -17000,7 +17000,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: CouchBase product: '' cves: @@ -17030,7 +17030,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: CPanel product: '' cves: @@ -17060,7 +17060,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Cradlepoint product: '' cves: @@ -17090,7 +17090,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Crestron product: '' cves: @@ -17150,7 +17150,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: CryptShare product: '' cves: @@ -17180,7 +17180,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: CyberArk product: Privileged Threat Analytics (PTA) cves: @@ -17242,7 +17242,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: CyberRes product: '' cves: @@ -17272,7 +17272,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: DarkTrace product: '' cves: @@ -17302,7 +17302,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Dassault Systèmes product: '' cves: @@ -17332,7 +17332,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Databricks product: '' cves: @@ -17362,7 +17362,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Datadog product: Datadog Agent cves: @@ -17396,7 +17396,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Dataminer product: '' cves: @@ -17426,7 +17426,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Datev product: '' cves: @@ -17456,7 +17456,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Datto product: '' cves: @@ -17486,7 +17486,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: dCache.org product: '' cves: @@ -17516,7 +17516,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Debian product: '' cves: @@ -17546,7 +17546,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Deepinstinct product: '' cves: @@ -17576,7 +17576,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:00+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Dell product: Alienware Command Center cves: @@ -25249,7 +25249,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Device42 product: '' cves: @@ -25279,7 +25279,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Devolutions product: All products cves: @@ -25309,7 +25309,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Diebold Nixdorf product: '' cves: @@ -25339,7 +25339,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Digi International product: CTEK G6200 family cves: @@ -26539,7 +26539,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Digital AI product: '' cves: @@ -26569,7 +26569,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: DNSFilter product: '' cves: @@ -26599,7 +26599,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Docker product: '' cves: @@ -26629,7 +26629,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Docusign product: '' cves: @@ -26659,7 +26659,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: DrayTek product: Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform @@ -26720,7 +26720,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Dynatrace product: Managed cluster nodes cves: @@ -26990,7 +26990,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Eaton product: Undisclosed cves: @@ -27023,7 +27023,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: EclecticIQ product: '' cves: @@ -27053,7 +27053,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Eclipse Foundation product: '' cves: @@ -27083,7 +27083,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: EFI product: '' cves: @@ -27113,7 +27113,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: EGroupware product: '' cves: @@ -27143,7 +27143,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Elastic product: APM Java Agent cves: @@ -27747,7 +27747,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:29+00:00' - vendor: Ellucian product: Banner Analytics cves: @@ -31322,7 +31322,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: ESET product: '' cves: @@ -31352,7 +31352,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: ESRI product: ArcGIS Data Store cves: @@ -31574,7 +31574,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Evolveum Midpoint product: '' cves: @@ -31604,7 +31604,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Ewon product: '' cves: @@ -31634,7 +31634,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Exabeam product: '' cves: @@ -31665,7 +31665,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Exact product: '' cves: @@ -31695,7 +31695,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Exivity product: '' cves: @@ -31725,7 +31725,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: ExtraHop product: Reveal(x) cves: @@ -31788,7 +31788,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Extreme Networks product: '' cves: @@ -31818,7 +31818,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Extron product: '' cves: @@ -31848,7 +31848,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Elements Connector cves: @@ -31878,7 +31878,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Endpoint Proxy cves: @@ -31909,7 +31909,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Messaging Security Gateway cves: @@ -31939,7 +31939,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Policy Manager cves: @@ -31970,7 +31970,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Policy Manager Proxy cves: @@ -32001,7 +32001,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: BIG-IP (all modules) cves: @@ -32032,7 +32032,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: BIG-IQ Centralized Management cves: @@ -32063,7 +32063,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: F5OS cves: @@ -32094,7 +32094,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: Traffix SDC cves: @@ -32127,7 +32127,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Plus cves: @@ -32158,7 +32158,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Open Source cves: @@ -32189,7 +32189,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Unit cves: @@ -32220,7 +32220,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX App Protect cves: @@ -32251,7 +32251,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Controller cves: @@ -32282,7 +32282,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Ingress Controller cves: @@ -32313,7 +32313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Instance Manager cves: @@ -32344,7 +32344,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Service Mesh cves: @@ -32375,7 +32375,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FAST LTA product: '' cves: @@ -32405,7 +32405,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fastly product: '' cves: @@ -32435,7 +32435,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FedEx product: Ship Manager Software cves: @@ -32535,7 +32535,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FileCatalyst product: '' cves: @@ -32565,7 +32565,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FileCloud product: '' cves: @@ -32595,7 +32595,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FileWave product: '' cves: @@ -32625,7 +32625,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FINVI product: '' cves: @@ -32655,7 +32655,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FireDaemon product: '' cves: @@ -32685,7 +32685,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fisher & Paykel Healthcare product: '' cves: @@ -32745,7 +32745,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Flexera product: '' cves: @@ -32775,7 +32775,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: DLP Manager cves: @@ -32805,7 +32805,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: Forcepoint Cloud Security Gateway (CSG) cves: @@ -32835,7 +32835,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: Next Generation Firewall (NGFW) cves: @@ -32865,7 +32865,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder @@ -32896,7 +32896,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: One Endpoint cves: @@ -32926,7 +32926,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: Security Manager (Web, Email and DLP) cves: @@ -32956,7 +32956,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forescout product: '' cves: @@ -32986,7 +32986,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: ForgeRock product: Autonomous Identity cves: @@ -33016,7 +33016,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAIOps cves: @@ -33046,7 +33046,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAnalyzer cves: @@ -33076,7 +33076,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAnalyzer Cloud cves: @@ -33106,7 +33106,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAP cves: @@ -33136,7 +33136,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAuthenticator cves: @@ -33166,7 +33166,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiCASB cves: @@ -33196,7 +33196,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiConvertor cves: @@ -33226,7 +33226,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiDeceptor cves: @@ -33256,7 +33256,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiEDR Agent cves: @@ -33286,7 +33286,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiEDR Cloud cves: @@ -33316,7 +33316,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiGate Cloud cves: @@ -33346,7 +33346,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiGSLB Cloud cves: @@ -33376,7 +33376,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiMail cves: @@ -33406,7 +33406,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiManager cves: @@ -33436,7 +33436,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiManager Cloud cves: @@ -33466,7 +33466,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -33496,7 +33496,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -33526,7 +33526,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiOS (includes FortiGate & FortiWiFi) cves: @@ -33556,7 +33556,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiPhish Cloud cves: @@ -33586,7 +33586,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiPolicy cves: @@ -33616,7 +33616,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiPortal cves: @@ -33646,7 +33646,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiRecorder cves: @@ -33676,7 +33676,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiSIEM cves: @@ -33706,7 +33706,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiSOAR cves: @@ -33736,7 +33736,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiSwicth Cloud in FortiLANCloud cves: @@ -33766,7 +33766,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiSwitch & FortiSwitchManager cves: @@ -33796,7 +33796,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiToken Cloud cves: @@ -33826,7 +33826,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiVoice cves: @@ -33856,7 +33856,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiWeb Cloud cves: @@ -33886,7 +33886,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: ShieldX cves: @@ -33916,7 +33916,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FTAPI product: '' cves: @@ -33946,7 +33946,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fujitsu product: '' cves: @@ -33976,7 +33976,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: FusionAuth product: FusionAuth cves: @@ -34007,7 +34007,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:01+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: GE Digital product: '' cves: @@ -34283,7 +34283,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Genesys product: '' cves: @@ -34313,7 +34313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: GeoServer product: '' cves: @@ -34343,7 +34343,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Gerrit code review product: '' cves: @@ -34373,7 +34373,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: GFI product: '' cves: @@ -34403,7 +34403,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Ghidra product: '' cves: @@ -34433,7 +34433,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Gigamon product: Fabric Manager cves: @@ -34526,7 +34526,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Globus product: '' cves: @@ -34556,7 +34556,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: GoAnywhere product: MFT cves: @@ -34679,7 +34679,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Google Cloud product: AI Platform Data Labeling cves: @@ -38783,7 +38783,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:30+00:00' - vendor: Gradle product: Gradle Enterprise cves: @@ -38814,7 +38814,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gradle product: Gradle Enterprise Build Cache Node cves: @@ -38845,7 +38845,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gradle product: Gradle Enterprise Test Distribution Agent cves: @@ -38876,7 +38876,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Grafana product: '' cves: @@ -38906,7 +38906,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Grandstream product: '' cves: @@ -38936,7 +38936,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Access Management cves: @@ -38967,7 +38967,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Access Management cves: @@ -38998,7 +38998,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: API Management cves: @@ -39029,7 +39029,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: API Management cves: @@ -39060,7 +39060,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -39091,7 +39091,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -39122,7 +39122,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Cockpit cves: @@ -39153,7 +39153,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee.io product: '' cves: @@ -39183,7 +39183,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravwell product: '' cves: @@ -39213,7 +39213,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Graylog product: Graylog Server cves: @@ -39244,7 +39244,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: GreenShot product: '' cves: @@ -39274,7 +39274,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: GSA product: Cloud.gov cves: @@ -39334,7 +39334,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HAProxy product: '' cves: @@ -39364,7 +39364,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HarmanPro AMX product: '' cves: @@ -39394,7 +39394,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Boundary cves: @@ -39424,7 +39424,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Consul cves: @@ -39454,7 +39454,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Consul Enterprise cves: @@ -39484,7 +39484,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Nomad cves: @@ -39514,7 +39514,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Nomad Enterprise cves: @@ -39544,7 +39544,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Packer cves: @@ -39574,7 +39574,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Terraform cves: @@ -39604,7 +39604,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Terraform Enterprise cves: @@ -39634,7 +39634,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Vagrant cves: @@ -39664,7 +39664,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Vault cves: @@ -39694,7 +39694,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Vault Enterprise cves: @@ -39724,7 +39724,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Waypoint cves: @@ -39754,7 +39754,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HCL Software product: BigFix Compliance cves: @@ -40001,7 +40001,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HENIX product: Squash TM cves: @@ -40064,7 +40064,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Hikvision product: '' cves: @@ -40094,7 +40094,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Hitachi Energy product: eSOMS cves: @@ -40124,7 +40124,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Hitachi Vantara product: '' cves: @@ -40154,7 +40154,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Honeywell product: '' cves: @@ -40184,7 +40184,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: HP product: Teradici Cloud Access Controller cves: @@ -44758,7 +44758,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Hubspot product: '' cves: @@ -44788,7 +44788,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: I-Net software product: '' cves: @@ -44818,7 +44818,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: I2P product: '' cves: @@ -44848,7 +44848,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBA-AG product: '' cves: @@ -44878,7 +44878,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Ibexa product: '' cves: @@ -44908,7 +44908,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: BigFix Compliance cves: @@ -44937,7 +44937,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: BigFix Inventory cves: @@ -44969,7 +44969,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:02+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: Analytics Engine cves: @@ -48093,7 +48093,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: Mass Data Migration cves: @@ -48724,7 +48724,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: Robotic Process Automation cves: @@ -48933,7 +48933,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: Spectrum Archive Library Edition cves: @@ -50643,7 +50643,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: IGEL product: '' cves: @@ -50673,7 +50673,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Ignite Realtime product: '' cves: @@ -50703,7 +50703,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: iGrafx product: '' cves: @@ -50733,7 +50733,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Illuminated Cloud product: '' cves: @@ -50763,7 +50763,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:31+00:00' - vendor: Illumio product: C-VEN cves: @@ -51183,7 +51183,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Imperva product: '' cves: @@ -51213,7 +51213,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Inductive Automation product: '' cves: @@ -51243,7 +51243,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: IndustrialDefender product: '' cves: @@ -51273,7 +51273,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: infinidat product: '' cves: @@ -51303,7 +51303,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: InfluxData product: '' cves: @@ -51333,7 +51333,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Infoblox product: '' cves: @@ -51363,7 +51363,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Informatica product: '' cves: @@ -51393,7 +51393,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Instana product: '' cves: @@ -51423,7 +51423,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Instructure product: '' cves: @@ -51453,7 +51453,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Intel product: Audio Development Kit cves: @@ -51846,7 +51846,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Intland product: codebeamer cves: @@ -51879,7 +51879,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: IPRO product: Netgovern cves: @@ -51908,7 +51908,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: iRedMail product: '' cves: @@ -51938,7 +51938,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Ironnet product: '' cves: @@ -51968,7 +51968,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: ISLONLINE product: '' cves: @@ -51998,7 +51998,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Ivanti product: '' cves: @@ -52028,7 +52028,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jamasoftware product: '' cves: @@ -52058,7 +52058,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jamf product: Jamf Pro cves: @@ -52089,7 +52089,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jaspersoft product: '' cves: @@ -52119,7 +52119,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jedox product: '' cves: @@ -52149,7 +52149,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jenkins product: CI/CD Core cves: @@ -52178,7 +52178,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jenkins product: Plugins cves: @@ -52241,7 +52241,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek) @@ -52273,7 +52273,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: ToolBox cves: @@ -52304,7 +52304,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: TeamCity cves: @@ -52335,7 +52335,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Hub cves: @@ -52366,7 +52366,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: YouTrack Standalone cves: @@ -52397,7 +52397,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: YouTrack InCloud cves: @@ -52428,7 +52428,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Datalore cves: @@ -52459,7 +52459,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Space cves: @@ -52490,7 +52490,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jetbrains product: Code With Me cves: @@ -52521,7 +52521,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Gateway cves: @@ -52552,7 +52552,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Kotlin cves: @@ -52583,7 +52583,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Ktor cves: @@ -52614,7 +52614,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: MPS cves: @@ -52645,7 +52645,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Floating license server cves: @@ -52676,7 +52676,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: UpSource cves: @@ -52707,7 +52707,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: JFROG product: '' cves: @@ -52737,7 +52737,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jitsi product: '' cves: @@ -52767,7 +52767,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jitterbit product: '' cves: @@ -52797,7 +52797,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: jPOS product: (ISO-8583) bridge cves: @@ -52828,7 +52828,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Johnson Controls product: C•CURE‐9000 cves: @@ -53726,7 +53726,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jump Desktop product: '' cves: @@ -53756,7 +53756,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Juniper Networks product: '' cves: @@ -53786,7 +53786,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Justice Systems product: '' cves: @@ -53816,7 +53816,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: K15t product: '' cves: @@ -53846,7 +53846,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: K6 product: '' cves: @@ -53876,7 +53876,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Karakun product: '' cves: @@ -53906,7 +53906,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Kaseya product: '' cves: @@ -53936,7 +53936,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Keeper Security product: '' cves: @@ -53966,7 +53966,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: KEMP product: '' cves: @@ -53996,7 +53996,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: KEMP 2 product: '' cves: @@ -54026,7 +54026,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Kofax product: '' cves: @@ -54056,7 +54056,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Konica Minolta product: '' cves: @@ -54086,7 +54086,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Kronos UKG product: '' cves: @@ -54116,7 +54116,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Kyberna product: '' cves: @@ -54146,7 +54146,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: L-Soft product: '' cves: @@ -54176,7 +54176,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: L3Harris Geospatial product: '' cves: @@ -54206,7 +54206,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lancom Systems product: '' cves: @@ -54236,7 +54236,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lansweeper product: '' cves: @@ -54266,7 +54266,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Laserfiche product: '' cves: @@ -54296,7 +54296,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LastPass product: '' cves: @@ -54326,7 +54326,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LaunchDarkly product: '' cves: @@ -54356,7 +54356,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Leanix product: '' cves: @@ -54386,7 +54386,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Leica BIOSYSTEMS product: Aperio AT2 cves: @@ -56641,7 +56641,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Let's Encrypt product: '' cves: @@ -56671,7 +56671,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LibreNMS product: '' cves: @@ -56701,7 +56701,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LifeRay product: '' cves: @@ -56731,7 +56731,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LifeSize product: '' cves: @@ -56761,7 +56761,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lightbend product: '' cves: @@ -56791,7 +56791,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lime CRM product: '' cves: @@ -56821,7 +56821,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LIONGARD product: '' cves: @@ -56851,7 +56851,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LiquidFiles product: '' cves: @@ -56881,7 +56881,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LiveAction product: '' cves: @@ -56911,7 +56911,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Loftware product: '' cves: @@ -56941,7 +56941,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LOGalyze product: SIEM & log analyzer tool cves: @@ -57004,7 +57004,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LogicMonitor product: LogicMonitor Platform cves: @@ -57034,7 +57034,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LogMeIn product: '' cves: @@ -57064,7 +57064,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LogRhythm product: '' cves: @@ -57094,7 +57094,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Looker product: Looker cves: @@ -57130,7 +57130,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: LucaNet product: '' cves: @@ -57160,7 +57160,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lucee product: '' cves: @@ -57190,7 +57190,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lyrasis product: Fedora Repository cves: @@ -57255,7 +57255,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Maltego product: '' cves: @@ -57285,7 +57285,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: ManageEngine product: Servicedesk Plus cves: @@ -57376,7 +57376,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: ManageEngine Zoho product: ADManager Plus cves: @@ -57778,7 +57778,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MathWorks product: All MathWorks general release desktop or server products cves: @@ -57808,7 +57808,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MathWorks product: MATLAB cves: @@ -57869,7 +57869,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Matomo product: '' cves: @@ -57899,7 +57899,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mattermost FocalBoard product: '' cves: @@ -57929,7 +57929,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: McAfee product: Data Exchange Layer (DXL) Client cves: @@ -58836,7 +58836,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Meltano product: Meltano cves: @@ -58866,7 +58866,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Memurai product: '' cves: @@ -58896,7 +58896,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MicroFocus product: '' cves: @@ -58926,7 +58926,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure Application Gateway cves: @@ -58956,7 +58956,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure API Gateway cves: @@ -58986,7 +58986,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:03+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -59017,7 +59017,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -59048,7 +59048,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure DevOps Server cves: @@ -59079,7 +59079,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure DevOps cves: @@ -59109,7 +59109,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure Traffic Manager cves: @@ -59139,7 +59139,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Team Foundation Server cves: @@ -59170,7 +59170,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microstrategy product: '' cves: @@ -59200,7 +59200,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Midori Global product: '' cves: @@ -59230,7 +59230,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mikrotik product: '' cves: @@ -59260,7 +59260,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Milestone sys product: '' cves: @@ -59290,7 +59290,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mimecast product: '' cves: @@ -59320,7 +59320,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Minecraft product: '' cves: @@ -59350,7 +59350,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mirantis product: '' cves: @@ -59380,7 +59380,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Miro product: '' cves: @@ -59410,7 +59410,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mitel product: '' cves: @@ -59440,7 +59440,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MobileIron product: Core cves: @@ -59612,7 +59612,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Atlas Search cves: @@ -59642,7 +59642,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) @@ -59673,7 +59673,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Drivers cves: @@ -59703,7 +59703,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) @@ -59734,7 +59734,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) cves: @@ -59764,7 +59764,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) @@ -59795,7 +59795,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: Moodle product: '' cves: @@ -59825,7 +59825,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:32+00:00' - vendor: MoogSoft product: '' cves: @@ -59855,7 +59855,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Motorola Avigilon product: '' cves: @@ -59885,7 +59885,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Mulesoft product: '' cves: @@ -59916,7 +59916,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Mulesoft product: Mule Runtime cves: @@ -60074,7 +60074,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nagios product: '' cves: @@ -60104,7 +60104,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: NAKIVO product: '' cves: @@ -60134,7 +60134,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Neo4j product: Neo4j Graph Database cves: @@ -60195,7 +60195,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Netcup product: '' cves: @@ -60225,7 +60225,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: NetGate PFSense product: '' cves: @@ -60255,7 +60255,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Netwrix product: '' cves: @@ -60285,7 +60285,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: New Relic product: Containerized Private Minion (CPM) cves: @@ -60379,7 +60379,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nextflow product: Nextflow cves: @@ -60440,7 +60440,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: NI (National Instruments) product: '' cves: @@ -60470,7 +60470,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nice Software (AWS) EnginFRAME product: '' cves: @@ -60500,7 +60500,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: NinjaRMM product: '' cves: @@ -60531,7 +60531,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nomachine product: '' cves: @@ -60561,7 +60561,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: NoviFlow product: '' cves: @@ -60591,7 +60591,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Backlog cves: @@ -60622,7 +60622,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Backlog Enterprise (On-premises) cves: @@ -60653,7 +60653,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Cacoo cves: @@ -60684,7 +60684,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Cacoo Enterprise (On-premises) cves: @@ -60715,7 +60715,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Typetalk cves: @@ -60746,7 +60746,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nutanix product: AHV cves: @@ -61854,7 +61854,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: NXLog product: '' cves: @@ -61884,7 +61884,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Objectif Lune product: '' cves: @@ -61914,7 +61914,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OCLC product: '' cves: @@ -61944,7 +61944,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Octopus product: '' cves: @@ -61974,7 +61974,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Okta product: Advanced Server Access cves: @@ -62336,7 +62336,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Opengear product: '' cves: @@ -62366,7 +62366,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OpenMRS TALK product: '' cves: @@ -62396,7 +62396,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OpenNMS product: '' cves: @@ -62426,7 +62426,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OpenSearch product: '' cves: @@ -62456,7 +62456,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OpenText product: '' cves: @@ -62614,7 +62614,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Osirium product: PAM cves: @@ -62644,7 +62644,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Osirium product: PEM cves: @@ -62674,7 +62674,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Osirium product: PPA cves: @@ -62704,7 +62704,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OTRS product: '' cves: @@ -62734,7 +62734,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OVHCloud product: '' cves: @@ -62764,7 +62764,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OwnCloud product: '' cves: @@ -62794,7 +62794,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: OxygenXML product: Author cves: @@ -63310,7 +63310,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Palo-Alto Networks-OS for Panorama cves: @@ -63375,7 +63375,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Cortex Data Lake cves: @@ -63405,7 +63405,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Cortex Xpanse cves: @@ -63435,7 +63435,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Cortex XDR Agent cves: @@ -63465,7 +63465,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Cortex XSOAR cves: @@ -63495,7 +63495,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Expedition cves: @@ -63525,7 +63525,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: IoT Security cves: @@ -63555,7 +63555,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: GlobalProtect App cves: @@ -63585,7 +63585,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Palo-Alto Networks-OS for Firewall and Wildfire cves: @@ -63615,7 +63615,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Prisma Access cves: @@ -63645,7 +63645,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Prisma Cloud cves: @@ -63675,7 +63675,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Prisma Cloud Compute cves: @@ -63705,7 +63705,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Okyo Grade cves: @@ -63735,7 +63735,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: SaaS Security cves: @@ -63765,7 +63765,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: WildFire Appliance cves: @@ -63795,7 +63795,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: WildFire Cloud cves: @@ -63825,7 +63825,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: User-ID Agent cves: @@ -63855,7 +63855,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Panopto product: '' cves: @@ -63885,7 +63885,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: PaperCut product: PaperCut MF cves: @@ -63981,7 +63981,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Parse.ly product: '' cves: @@ -64011,7 +64011,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: PBXMonitor product: RMM for 3CX PBX cves: @@ -64072,7 +64072,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pentaho product: '' cves: @@ -64102,7 +64102,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pepperl+Fuchs product: '' cves: @@ -64162,7 +64162,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pexip product: '' cves: @@ -64192,7 +64192,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Phenix Id product: '' cves: @@ -64222,7 +64222,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Philips product: Multiple products cves: @@ -64252,7 +64252,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: PHOENIX CONTACT product: Physical products containing firmware cves: @@ -64556,7 +64556,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Planmeca product: '' cves: @@ -64586,7 +64586,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Planon Software product: '' cves: @@ -64617,7 +64617,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Platform.SH product: '' cves: @@ -64647,7 +64647,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Plesk product: '' cves: @@ -64677,7 +64677,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Plex product: Plex Industrial IoT cves: @@ -64738,7 +64738,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Portainer product: '' cves: @@ -64768,7 +64768,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: PortSwigger product: '' cves: @@ -64798,7 +64798,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: PostGreSQL product: '' cves: @@ -64828,7 +64828,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Postman product: '' cves: @@ -64858,7 +64858,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Power Admin LLC product: PA File Sight cves: @@ -64978,7 +64978,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: PrimeKey product: '' cves: @@ -65008,7 +65008,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Progress / IpSwitch product: '' cves: @@ -65038,7 +65038,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: ProofPoint product: '' cves: @@ -65069,7 +65069,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: ProSeS product: '' cves: @@ -65099,7 +65099,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Prosys product: '' cves: @@ -65129,7 +65129,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Proxmox product: '' cves: @@ -65159,7 +65159,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: PRTG Paessler product: '' cves: @@ -65189,7 +65189,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: PTC product: Axeda Platform cves: @@ -65320,7 +65320,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Connect Secure (ICS) cves: @@ -65350,7 +65350,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Neurons for secure Access cves: @@ -65380,7 +65380,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Neurons for ZTA cves: @@ -65410,7 +65410,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Connect Secure cves: @@ -65440,7 +65440,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Desktop Client cves: @@ -65470,7 +65470,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Mobile Client cves: @@ -65500,7 +65500,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse One cves: @@ -65530,7 +65530,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Policy Secure cves: @@ -65560,7 +65560,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Secure Services Director cves: @@ -65590,7 +65590,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Secure Virtual Traffic Manager cves: @@ -65620,7 +65620,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Secure Web Application Firewall cves: @@ -65650,7 +65650,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse ZTA cves: @@ -65680,7 +65680,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Puppet product: '' cves: @@ -65710,7 +65710,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pure Storage product: '' cves: @@ -65741,7 +65741,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Neurons for ZTA cves: @@ -65771,7 +65771,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Neurons for secure Access cves: @@ -65801,7 +65801,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pure Storage product: FlashBlade cves: @@ -65992,7 +65992,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: QF-Test product: '' cves: @@ -66022,7 +66022,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Qlik product: '' cves: @@ -66052,7 +66052,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: QMATIC product: Orchestra Central cves: @@ -66206,7 +66206,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: QOPPA product: '' cves: @@ -66236,7 +66236,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: QSC Q-SYS product: '' cves: @@ -66266,7 +66266,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: QT product: '' cves: @@ -66296,7 +66296,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Quest Global product: '' cves: @@ -66326,7 +66326,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: R product: R cves: @@ -66387,7 +66387,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Radware product: '' cves: @@ -66417,7 +66417,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Rapid7 product: AlcidekArt, kAdvisor, and kAudit cves: @@ -67201,7 +67201,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Ravelin product: '' cves: @@ -67231,7 +67231,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:04+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Real-Time Innovations (RTI) product: Distributed Logger cves: @@ -68366,7 +68366,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: RedGate product: '' cves: @@ -68396,7 +68396,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: ResMed product: myAir cves: @@ -68486,7 +68486,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: Reiner SCT product: '' cves: @@ -68516,7 +68516,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:33+00:00' - vendor: ReportURI product: '' cves: @@ -68546,7 +68546,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Respondus product: '' cves: @@ -68577,7 +68577,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Revenera / Flexera product: '' cves: @@ -68607,7 +68607,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Ricoh product: '' cves: @@ -68637,7 +68637,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: RingCentral product: '' cves: @@ -68667,7 +68667,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Riverbed product: '' cves: @@ -68697,7 +68697,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Rockwell Automation product: FactoryTalk Analytics DataFlowML cves: @@ -68920,7 +68920,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Rosette.com product: '' cves: @@ -68950,7 +68950,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Authentication Manager cves: @@ -68979,7 +68979,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Authentication Manager Prime cves: @@ -69008,7 +69008,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Authentication Manager WebTier cves: @@ -69037,7 +69037,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Governance and Lifecycle cves: @@ -69066,7 +69066,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Governance and Lifecycle Cloud cves: @@ -69095,7 +69095,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Identity Router cves: @@ -69124,7 +69124,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA Netwitness product: '' cves: @@ -69154,7 +69154,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Rstudioapi product: Rstudioapi cves: @@ -69216,7 +69216,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Ruckus product: Virtual SmartZone (vSZ) cves: @@ -69277,7 +69277,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: PagerDuty product: PagerDuty SaaS cves: @@ -69341,7 +69341,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SAE-IT product: '' cves: @@ -69371,7 +69371,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SAFE FME Server product: '' cves: @@ -69401,7 +69401,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SAGE product: '' cves: @@ -69431,7 +69431,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SailPoint product: '' cves: @@ -69462,7 +69462,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Salesforce product: Analytics Cloud cves: @@ -70147,7 +70147,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SAP product: '' cves: @@ -70270,7 +70270,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SASSAFRAS product: '' cves: @@ -70300,7 +70300,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Savignano software solutions product: '' cves: @@ -70330,7 +70330,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SBT product: SBT cves: @@ -70392,7 +70392,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: ScaleFusion MobileLock Pro product: '' cves: @@ -70422,7 +70422,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Schneider Electric product: EcoStruxure IT Gateway cves: @@ -71193,7 +71193,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: ScreenBeam product: '' cves: @@ -71223,7 +71223,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SDL worldServer product: '' cves: @@ -71253,7 +71253,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Seagull Scientific product: '' cves: @@ -71283,7 +71283,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SecurePoint product: '' cves: @@ -71313,7 +71313,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Security Onion product: '' cves: @@ -71343,7 +71343,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Securonix product: SNYPR Application cves: @@ -71528,7 +71528,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SentinelOne product: '' cves: @@ -71558,7 +71558,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sentry product: '' cves: @@ -71588,7 +71588,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SEP product: '' cves: @@ -71618,7 +71618,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Server Eye product: '' cves: @@ -71648,7 +71648,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: ServiceNow product: '' cves: @@ -71678,7 +71678,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Shibboleth product: '' cves: @@ -71708,7 +71708,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Shibboleth product: All Products cves: @@ -71770,7 +71770,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Siebel product: '' cves: @@ -71800,7 +71800,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Siemens product: Affected Products cves: @@ -73047,7 +73047,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Signald product: '' cves: @@ -73077,7 +73077,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Silver Peak product: Orchestrator, Silver Peak GMS cves: @@ -73141,7 +73141,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sitecore product: '' cves: @@ -73171,7 +73171,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Skillable product: '' cves: @@ -73201,7 +73201,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SLF4J product: '' cves: @@ -73231,7 +73231,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Slurm product: Slurm cves: @@ -73292,7 +73292,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SmileCDR product: '' cves: @@ -73322,7 +73322,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snakemake product: Snakemake cves: @@ -73383,7 +73383,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snow Software product: Snow Commander cves: @@ -73414,7 +73414,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snow Software product: VM Access Proxy cves: @@ -73445,7 +73445,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snowflake product: '' cves: @@ -73475,7 +73475,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snyk product: Cloud Platform cves: @@ -73505,7 +73505,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Software AG product: '' cves: @@ -73535,7 +73535,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SolarWinds product: Database Performance Analyzer (DPA) cves: @@ -73660,7 +73660,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sonatype product: All Products cves: @@ -74634,7 +74634,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Spambrella product: '' cves: @@ -74664,7 +74664,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Spigot product: '' cves: @@ -74694,7 +74694,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Splunk product: Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) cves: @@ -74725,7 +74725,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) cves: @@ -74756,7 +74756,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) cves: @@ -74787,7 +74787,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Data Stream Processor cves: @@ -74820,7 +74820,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: IT Essentials Work [App ID 5403](https://splunkbase.splunk.com/app/5403/) cves: @@ -74853,7 +74853,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: IT Service Intelligence (ITSI) [App ID 1841](https://splunkbase.splunk.com/app/1841/) cves: @@ -74890,7 +74890,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Connect for Kafka cves: @@ -74921,7 +74921,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Enterprise (including instance types like Heavy Forwarders) cves: @@ -74954,7 +74954,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Enterprise Amazon Machine Image (AMI) cves: @@ -74985,7 +74985,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Enterprise Docker Container cves: @@ -75016,7 +75016,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Logging Library for Java cves: @@ -75047,7 +75047,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/) cves: @@ -75078,7 +75078,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk OVA for VMWare Metrics [App ID 5096](https://splunkbase.splunk.com/app/5096/) cves: @@ -75109,7 +75109,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) cves: @@ -75140,7 +75140,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk On-call / VictorOps cves: @@ -75171,7 +75171,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Real User Monitoring cves: @@ -75202,7 +75202,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Application Performance Monitoring cves: @@ -75233,7 +75233,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Infrastructure Monitoring cves: @@ -75264,7 +75264,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Log Observer cves: @@ -75295,7 +75295,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Synthetics cves: @@ -75326,7 +75326,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk UBA OVA Software cves: @@ -75358,7 +75358,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-21T09:25:00-08:00' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Sprecher Automation product: '' cves: @@ -75388,7 +75388,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Spring product: Spring Boot cves: @@ -75419,7 +75419,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Spring Boot product: '' cves: @@ -75449,7 +75449,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: StarDog product: '' cves: @@ -75479,7 +75479,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: STERIS product: Advantage cves: @@ -77069,7 +77069,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Storagement product: '' cves: @@ -77099,7 +77099,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: StormShield product: '' cves: @@ -77129,7 +77129,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: StrangeBee TheHive & Cortex product: '' cves: @@ -77159,7 +77159,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Stratodesk product: '' cves: @@ -77189,7 +77189,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Strimzi product: '' cves: @@ -77219,7 +77219,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Stripe product: '' cves: @@ -77249,7 +77249,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Styra product: '' cves: @@ -77279,7 +77279,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sumologic product: '' cves: @@ -77309,7 +77309,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SumoLogic product: '' cves: @@ -77339,7 +77339,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Superna EYEGLASS product: '' cves: @@ -77369,7 +77369,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Suprema Inc product: '' cves: @@ -77399,7 +77399,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SUSE product: '' cves: @@ -77429,7 +77429,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sweepwidget product: '' cves: @@ -77459,7 +77459,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Swyx product: '' cves: @@ -77489,7 +77489,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:05+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Synchro MSP product: '' cves: @@ -77519,7 +77519,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Syncplify product: '' cves: @@ -77549,7 +77549,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Synology product: '' cves: @@ -77579,7 +77579,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Synopsys product: '' cves: @@ -77609,7 +77609,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Syntevo product: '' cves: @@ -77639,7 +77639,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: SysAid product: '' cves: @@ -77669,7 +77669,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sysdig product: '' cves: @@ -77699,7 +77699,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Tableau product: Tableau Server cves: @@ -77963,7 +77963,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Tanium product: All cves: @@ -78024,7 +78024,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: TeamPasswordManager product: '' cves: @@ -78054,7 +78054,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Teamviewer product: '' cves: @@ -78084,7 +78084,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Tech Software product: OneAegis (f/k/a IRBManager) cves: @@ -78207,7 +78207,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Telestream product: '' cves: @@ -78237,7 +78237,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Tenable product: Tenable.io / Nessus cves: @@ -78268,7 +78268,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:34+00:00' - vendor: Thales product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core cves: @@ -80167,7 +80167,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: ThycoticCentrify product: Secret Server cves: @@ -80445,7 +80445,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Top Gun Technology (TGT) product: '' cves: @@ -80475,7 +80475,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: TopDesk product: '' cves: @@ -80505,7 +80505,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Topicus Security product: Topicus KeyHub cves: @@ -80566,7 +80566,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Tosibox product: '' cves: @@ -80596,7 +80596,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: TPLink product: Omega Controller cves: @@ -80659,7 +80659,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Tricentis Tosca product: '' cves: @@ -80689,7 +80689,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Tripwire product: '' cves: @@ -80719,7 +80719,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Trimble product: eCognition cves: @@ -80779,7 +80779,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Tufin product: '' cves: @@ -80809,7 +80809,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: TYPO3 product: '' cves: @@ -80839,7 +80839,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Ubiquiti product: UniFi Network Application cves: @@ -80870,7 +80870,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Ubiquiti product: UniFi Network Controller cves: @@ -80932,7 +80932,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Umbraco product: '' cves: @@ -80962,7 +80962,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: UniFlow product: '' cves: @@ -80992,7 +80992,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Unify ATOS product: '' cves: @@ -81022,7 +81022,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Unimus product: '' cves: @@ -81052,7 +81052,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: UiPath product: InSights cves: @@ -81113,7 +81113,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: VArmour product: '' cves: @@ -81143,7 +81143,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Varian product: Acuity cves: @@ -82414,7 +82414,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Varonis product: '' cves: @@ -82444,7 +82444,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Veeam product: '' cves: @@ -82474,7 +82474,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Venafi product: '' cves: @@ -82504,7 +82504,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Veritas NetBackup product: '' cves: @@ -82534,7 +82534,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Vertica product: '' cves: @@ -82564,7 +82564,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Viso Trust product: '' cves: @@ -82594,7 +82594,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: VMware product: API Portal for VMware Tanzu cves: @@ -83856,7 +83856,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Wasp Barcode technologies product: '' cves: @@ -83886,7 +83886,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: WatchGuard product: Secplicity cves: @@ -83916,7 +83916,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Western Digital product: '' cves: @@ -83946,7 +83946,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: WIBU Systems product: CodeMeter Keyring for TIA Portal cves: @@ -84038,7 +84038,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: WireShark product: '' cves: @@ -84068,7 +84068,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Wistia product: '' cves: @@ -84098,7 +84098,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: WitFoo product: '' cves: @@ -84128,7 +84128,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: WordPress product: '' cves: @@ -84158,7 +84158,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Worksphere product: '' cves: @@ -84188,7 +84188,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Wowza product: '' cves: @@ -84218,7 +84218,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: WSO2 product: WSO2 Enterprise Integrator cves: @@ -84249,7 +84249,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: XCP-ng product: '' cves: @@ -84279,7 +84279,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: XenForo product: '' cves: @@ -84309,7 +84309,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Xerox product: '' cves: @@ -84339,7 +84339,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: XPertDoc product: '' cves: @@ -84369,7 +84369,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: XPLG product: '' cves: @@ -84399,7 +84399,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: XWIKI product: '' cves: @@ -84429,7 +84429,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Xylem product: Aquatalk cves: @@ -84945,7 +84945,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: YellowFin product: '' cves: @@ -84975,7 +84975,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: YOKOGAWA product: '' cves: @@ -85035,7 +85035,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zabbix product: '' cves: @@ -85065,7 +85065,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: ZAMMAD product: '' cves: @@ -85095,7 +85095,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zaproxy product: '' cves: @@ -85125,7 +85125,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zebra product: '' cves: @@ -85155,7 +85155,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zendesk product: All Products cves: @@ -85218,7 +85218,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zentera Systems, Inc. product: CoIP Access Platform cves: @@ -85279,7 +85279,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zesty product: '' cves: @@ -85309,7 +85309,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zimbra product: '' cves: @@ -85339,7 +85339,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zix product: '' cves: @@ -85399,7 +85399,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: ZPE systems Inc product: '' cves: @@ -85429,7 +85429,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zscaler product: See Link (Multiple Products) cves: @@ -85489,7 +85489,7 @@ software: references: - '' reporter: cisagov - last_updated: '2021-12-30T17:58:06+00:00' + last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zyxel product: Security Firewall/Gateways cves: From ed101b9604d731d9f2afa65b843f1e3a7627d8d6 Mon Sep 17 00:00:00 2001 From: Nick <50747025+mcdonnnj@users.noreply.github.com> Date: Thu, 30 Dec 2021 14:47:14 -0500 Subject: [PATCH 12/12] Use the long form of a switch for git We prefer using the long form of switches for command line programs to improve maintainability and to better convey what is happening even if someone is unfamiliar with the switches for a given program. Co-authored-by: dav3r --- .github/workflows/update_software_list.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update_software_list.yml b/.github/workflows/update_software_list.yml index 4eabb95..acf65b7 100644 --- a/.github/workflows/update_software_list.yml +++ b/.github/workflows/update_software_list.yml @@ -108,4 +108,4 @@ jobs: git merge origin/${{ needs.setup.outputs.testing_branch }} git push - name: Cleanup testing branch - run: git push -d origin ${{ needs.setup.outputs.testing_branch }} + run: git push --delete origin ${{ needs.setup.outputs.testing_branch }}