|
|
|
@ -90,9 +90,8 @@ software: |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf |
|
|
|
|
notes: GE Digital has fixed the log4j issue on the APM. Validation and test completed |
|
|
|
|
in development environment and the team is currently deploying the fixes in |
|
|
|
|
the production environment. |
|
|
|
|
notes: GE Digital has fixed the log4j issue on the APM. Validation and test completed in development environment and the team is currently |
|
|
|
|
deploying the fixes in the production environment. |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-22T00:00:00' |
|
|
|
@ -122,8 +121,7 @@ software: |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf |
|
|
|
|
notes: GE Gas Power is still validating the workaround provided by FoxGuard in |
|
|
|
|
Technical Information Notice – M1221-S01. |
|
|
|
|
notes: GE Gas Power is still validating the workaroun provided by FoxGuard in Technical Information Notice – M1221-S01. |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-22T00:00:00' |
|
|
|
@ -153,12 +151,11 @@ software: |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf |
|
|
|
|
notes: GE Gas Power has tested and validated the component of the BSC 2.0 that |
|
|
|
|
is impacted (McAfee SIEM 11.x). The update and instructions can be downloaded |
|
|
|
|
from link in reference section. This update is available to customer only and |
|
|
|
|
has not been reviewed by CISA. |
|
|
|
|
notes: GE Gas Power has tested and validated the component of the BSC 2.0 that is impacted (McAfee SIEM 11.x). |
|
|
|
|
The update and instructions can be downloaded from link in reference section. This update is available to customer only and has not |
|
|
|
|
been reviewed by CISA. |
|
|
|
|
references: |
|
|
|
|
- '[Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029420)' |
|
|
|
|
- 'https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029420' |
|
|
|
|
last_updated: '2021-12-22T00:00:00' |
|
|
|
|
- vendor: GE Gas Power |
|
|
|
|
product: Control Server |
|
|
|
@ -186,8 +183,7 @@ software: |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf |
|
|
|
|
notes: Please see vCenter. Control Server is not directly impacted. It is impacted |
|
|
|
|
through vCenter. |
|
|
|
|
notes: Please see vCenter. Control Server is not directly impacted. It is impacted through vCenter. |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-22T00:00:00' |
|
|
|
@ -337,14 +333,14 @@ software: |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf |
|
|
|
|
notes: GE Gas Power has tested and validated the update provided by Vmware. The |
|
|
|
|
update and instructions can be downloaded from link in reference section. This |
|
|
|
|
update is available to customer only and has not been reviewed by CISA. |
|
|
|
|
notes: GE Gas Power has tested and validated the update provided by Vmware. |
|
|
|
|
The update and instructions can be downloaded from link in reference section. This update is available to customer only and has not |
|
|
|
|
been reviewed by CISA. |
|
|
|
|
references: |
|
|
|
|
- '[Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029417)' |
|
|
|
|
- 'https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029417' |
|
|
|
|
last_updated: '2021-12-22T00:00:00' |
|
|
|
|
- vendor: GE Healthcare |
|
|
|
|
product: '' |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -374,7 +370,7 @@ software: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-22T00:00:00' |
|
|
|
|
- vendor: Gearset |
|
|
|
|
product: '' |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -403,7 +399,7 @@ software: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: Genesys |
|
|
|
|
product: '' |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -432,7 +428,7 @@ software: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GeoServer |
|
|
|
|
product: '' |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -460,8 +456,68 @@ software: |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: Gerrit code review |
|
|
|
|
product: '' |
|
|
|
|
- vendor: GeoSolutions |
|
|
|
|
product: GeoNetwork |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
'All' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-16T07:18:50+00:00' |
|
|
|
|
- vendor: GeoSolutions |
|
|
|
|
product: GeoServer |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: |
|
|
|
|
- 'All' |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-16T07:18:50+00:00' |
|
|
|
|
- vendor: Gerrit Code Review |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -489,8 +545,8 @@ software: |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GFI |
|
|
|
|
product: '' |
|
|
|
|
- vendor: GFI Software |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -518,8 +574,38 @@ software: |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GFI Software |
|
|
|
|
product: Kerio Connect |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/ |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: Ghidra |
|
|
|
|
product: '' |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -547,6 +633,36 @@ software: |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: Ghisler |
|
|
|
|
product: Total Commander |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: |
|
|
|
|
- '' |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.ghisler.com/whatsnew.htm |
|
|
|
|
notes: Third Party plugins might contain log4j. |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: Gigamon |
|
|
|
|
product: Fabric Manager |
|
|
|
|
cves: |
|
|
|
@ -557,9 +673,9 @@ software: |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: |
|
|
|
|
- <5.13.01.02 |
|
|
|
|
fixed_versions: [] |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '<5.13.01.02' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
@ -608,8 +724,71 @@ software: |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-17T00:00:00' |
|
|
|
|
- vendor: GitHub |
|
|
|
|
product: GitHub Enterprise Server |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '3.0.22' |
|
|
|
|
- '3.1.14' |
|
|
|
|
- '3.2.6' |
|
|
|
|
- '3.3.1' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/ |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-17T00:00:00' |
|
|
|
|
- vendor: GitLab |
|
|
|
|
product: '' |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: |
|
|
|
|
- '' |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8 |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GitLab |
|
|
|
|
product: DAST Analyzer |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -617,10 +796,41 @@ software: |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: |
|
|
|
|
- '' |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8 |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GitLab |
|
|
|
|
product: Dependency Scanning |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
@ -632,13 +842,133 @@ software: |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763 |
|
|
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8 |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GitLab |
|
|
|
|
product: Gemnasium-Maven |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8 |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GitLab |
|
|
|
|
product: PMD OSS |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8 |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GitLab |
|
|
|
|
product: SAST |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8 |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GitLab |
|
|
|
|
product: Spotbugs |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://forum.gitlab.com/t/cve-2021-4428/62763/8 |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: Globus |
|
|
|
|
product: '' |
|
|
|
|
product: All |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -667,7 +997,7 @@ software: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2022-01-12T07:18:50+00:00' |
|
|
|
|
- vendor: GoAnywhere |
|
|
|
|
product: Gateway |
|
|
|
|
product: Agents |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
@ -676,10 +1006,40 @@ software: |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: |
|
|
|
|
- < 2.8.4 |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-18T00:00:00' |
|
|
|
|
- vendor: GoAnywhere |
|
|
|
|
product: Gateway |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- 'Version 2.7.0 or later' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
@ -706,9 +1066,9 @@ software: |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: |
|
|
|
|
- < 6.8.6 |
|
|
|
|
fixed_versions: [] |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- 'Version 5.3.0 or later' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
@ -737,9 +1097,69 @@ software: |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: |
|
|
|
|
- < 1.6.5 |
|
|
|
|
- '1.4.2 or later' |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps |
|
|
|
|
notes: Versions less than GoAnywhere Agent version 1.4.2 are not affected. |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-18T00:00:00' |
|
|
|
|
- vendor: GoAnywhere |
|
|
|
|
product: Open PGP Studio |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- '' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-18T00:00:00' |
|
|
|
|
- vendor: GoAnywhere |
|
|
|
|
product: Suveyor/400 |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: |
|
|
|
|
- '' |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
@ -4931,7 +5351,7 @@ software: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- < 2021.3.6 |
|
|
|
|
- '< 2021.3.6' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
@ -4961,7 +5381,7 @@ software: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- < 10.1 |
|
|
|
|
- '< 10.1' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
@ -4991,7 +5411,7 @@ software: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: |
|
|
|
|
- < 1.6.2 |
|
|
|
|
- '< 1.6.2' |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|