diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index b496a05..0c198bc 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -1351,7 +1351,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | HCL Software | BigFix Mobile | | | Not Affected | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | HCL Software | BigFix Patch | | | Not Affected | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | HelpSystems Clearswift | | | | Unknown | [link](https://community.helpsystems.com/kb-nav/kb-article/?id=37becc1c-255c-ec11-8f8f-6045bd006687) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| HENIX | Squash TM | | 1.21.7 - 1.22.9, 2.0.3 - 2.1.5, 2.2.0 - 3.0.2 | Fixed | [link](https://tm-en.doc.squashtest.com/v3/downloads.html#download-previous-versions) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 | +| HENIX | Squash TM | | 1.21.7-1.22.9, 2.0.3-2.1.5, 2.2.0-3.0.2 | Fixed | [link](https://tm-en.doc.squashtest.com/v3/downloads.html#download-previous-versions) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 | | Hexagon | | | | Unknown | [link](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Hikvision | | | | Unknown | [link](https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Hitachi Energy | 3rd party - Elastic Search, Kibana | | Elasticsearch 5.0.0+ | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | Set the JVM option -Dlog4j2.formatMsgNoLookups=true and restart each node of the cluster. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | @@ -1366,8 +1366,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Hitachi Energy | Lumada APM SaaS offering | | | Unknown | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. The SaaS offering has been patched per the recommendations. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Hitachi Energy | Lumada EAM / FSM | | v1.7.x, v1.8.x, v1.9.x | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See Section Mitigation Strategy in vendor advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Hitachi Energy | MMS Internal facing subcomponent. | | | Unknown | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | -| Hitachi Energy | Network Manager ADMS Network Model Server | | 9.1.0.32 - 9.1.0.44 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions on mitigation steps. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | -| Hitachi Energy | Network Manager Outage Management Interface (CMI) | | 9.0 - 9.10.44, 9.1.1, 10.3.4 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions on mitigation steps. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | +| Hitachi Energy | Network Manager ADMS Network Model Server | | 9.1.0.32-9.1.0.44 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions on mitigation steps. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | +| Hitachi Energy | Network Manager Outage Management Interface (CMI) | | 9.0-9.10.44, 9.1.1, 10.3.4 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions on mitigation steps. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Hitachi Energy | nMarket Global I-SEM | | 3.7.15, 3.7.16 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Hitachi Energy | RelCare | | 2.0.0 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. The RelCare SaaS hosted solution and the on-premises have been patched per the recommendations. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Hitachi Energy | UNEM | | R15A, R14B, R14A, R11B SP1 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | A patch is available for releases R15A, R14B, R14A and R11B SP1. For details on how to apply such patch, please refer to the technical bulletin “UNEM - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | @@ -1396,6 +1396,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | diff --git a/data/cisagov.yml b/data/cisagov.yml index 42f2d44..7633387 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -39478,9 +39478,9 @@ software: investigated: true affected_versions: [] fixed_versions: - - 1.21.7 - 1.22.9 - - 2.0.3 - 2.1.5 - - 2.2.0 - 3.0.2 + - 1.21.7-1.22.9 + - 2.0.3-2.1.5 + - 2.2.0-3.0.2 unaffected_versions: [] cve-2021-45046: investigated: false @@ -39942,7 +39942,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 9.1.0.32 - 9.1.0.44 + - 9.1.0.32-9.1.0.44 unaffected_versions: [] cve-2021-45046: investigated: false @@ -39972,7 +39972,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 9.0 - 9.10.44 + - 9.0-9.10.44 - 9.1.1 - 10.3.4 unaffected_versions: [] @@ -40824,6 +40824,36 @@ software: references: - '' last_updated: '2022-01-12T07:18:53+00:00' + - vendor: HPE/Micro Focus + product: Data Protector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '9.09' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://portal.microfocus.com/s/article/KM000003243 + notes: '' + references: + - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' + last_updated: '2021-12-17T00:00:00' - vendor: HPE product: 3PAR StoreServ Arrays cves: