r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Merge pull request #429 from jeis4wpi/develop

Browse Source 
fix some typos if this helps?
pull/425/head^2
Lcerkov 2 years ago committed by GitHub
parent 119c1a405a 84084ad508
commit 6e7cf1024b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 11 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 22
      SOFTWARE-LIST.md

22
SOFTWARE-LIST.md
Unescape View File

@ -48,10 +48,10 @@ This list was initially populated using information from the following sources:
| AFHCAN Global LLC | AFHCANmobile | 8.0.7 - 8.4.3 | Not Affected | | [https://afhcan.org/support.aspx](https://afhcan.org/support.aspx) | | | |
| AFHCAN Global LLC | AFHCANupdate | 8.0.7 - 8.4.3 | Not Affected | | [https://afhcan.org/support.aspx](https://afhcan.org/support.aspx) | | | |
| Agilysys | | | | | [Agilysys Link](https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f) | | | |
| Advanced Systems Concepts (formally Jscape) | Active MFT | | Not Affected | No | [Log4J Vulnerabilty](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 |
| Advanced Systems Concepts (formally Jscape) | MFT Server | | Not Affected | No | [Log4J Vulnerabilty](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 |
| Advanced Systems Concepts (formally Jscape) | MFT Gateway | | Not Affected | No | [Log4J Vulnerabilty](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 |
| Advanced Systems Concepts (formally Jscape) | MFT | | Not Affected | No | [Log4J Vulnerabilty](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 |
| Advanced Systems Concepts (formally Jscape) | Active MFT | | Not Affected | No | [Log4J Vulnerability](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 |
| Advanced Systems Concepts (formally Jscape) | MFT Server | | Not Affected | No | [Log4J Vulnerability](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 |
| Advanced Systems Concepts (formally Jscape) | MFT Gateway | | Not Affected | No | [Log4J Vulnerability](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 |
| Advanced Systems Concepts (formally Jscape) | MFT | | Not Affected | No | [Log4J Vulnerability](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 |
| Akamai | SIEM Splunk Connector | All | Affected | Yes | [Akamai SIEM Integration](https://splunkbase.splunk.com/app/4310/) | v1.4.11 is the new recommendation for mitigation of log4j vulnerabilities | | 12/15/2021 |
| Alcatel | | | | | [Alcatel Link](https://dokuwiki.alu4u.com/doku.php?id=log4j) | | | |
| Alertus | | | | | [Alertus Article Link](https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US) | | | |
@ -133,7 +133,7 @@ This list was initially populated using information from the following sources:
| Arcserve | StorageCraft OneXafe | All | Not Affected | No | [https://support.storagecraft.com/s/article/Log4J-Update](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | 12/14/2021 |
| ArcticWolf | | | | | [ArcticWolf Blog Post](https://arcticwolf.com/resources/blog/log4j) | | | |
| Arduino | | | | | [Arduino Support Link](https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228) | | | |
| Ariba | | | | | [Ariba Annoucement](https://connectsupport.ariba.com/sites#announcements-display&/Event/908469) | | | |
| Ariba | | | | | [Ariba Announcement](https://connectsupport.ariba.com/sites#announcements-display&/Event/908469) | | | |
| Arista | | | | | [Arista Advisory Notice](https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070) | | | |
| Aruba Networks| | | | | [Aruba Networks Notification](https://asp.arubanetworks.com/notifications/Tm90aWZpY2F0aW9uOjEwMTQ0;notificationCategory=Security) | | | |
| Ataccama | | | | | [Ataccama Link](https://www.ataccama.com/files/log4j2-vulnerability-cve-2021-44228-fix.pdf) | | | |
@ -1218,7 +1218,7 @@ This list was initially populated using information from the following sources:
| Google Cloud | Cloud Endpoints | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 |
| Google Cloud | Cloud External Key Manager (EKM) | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 |
| Google Cloud | Cloud Functions | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Functions environments to identify components dependent on Log4j 2 and update them to the latest version. | | 12/21/2021 |
| Google Cloud | Cloud Harware Security Module (HSM) | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 |
| Google Cloud | Cloud Hardware Security Module (HSM) | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 |
| Google Cloud | Cloud Intrusion Detection System (IDS) | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 |
| Google Cloud | Cloud Interconnect | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 |
| Google Cloud | Cloud Key Management Service | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 |
@ -1349,7 +1349,7 @@ This list was initially populated using information from the following sources:
| Hexagon | | | | | [Hexagon Statement](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US) | | | |
| Hikvision | | | | | [Hikvision](https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf) | | | |
| Hitachi Energy | 3rd party - Elastic Search, Kibana | Elasticsearch 5.0.0+ | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | Set the JVM option -Dlog4j2.formatMsgNoLookups=true and restart each node of the cluster. | | 01/05/2022 |
| Hitachi Energy | Axis | 3.6 | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. Axis is a fully SaaS hosted solution adn the enviroment has been patched per the recommendations | | 01/05/2022 |
| Hitachi Energy | Axis | 3.6 | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. Axis is a fully SaaS hosted solution and the environment has been patched per the recommendations | | 01/05/2022 |
| Hitachi Energy | Counterparty Settlement and Billing (CSB) | v6 | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | | | 01/05/2022 |
| Hitachi Energy | e-Mesh Monitor | | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No end-user action needed. The affected e-Mesh Monitor part is at the cloud offering side of which the remediation is handled by Hitachi Energy team. Remediation is currently ongoing, and during this time period, e-Mesh Monitor edge device is not able to upload data to cloud. | | 01/05/2022 |
| Hitachi Energy | eSOMS | | Not Affected | | [Hitachi Energy](https://www.hitachienergy.com/offering/solutions/cybersecurity/alerts-and-notifications) | | | |
@ -1628,7 +1628,7 @@ This list was initially populated using information from the following sources:
| IBM | IBM Sterling Connect:Express for z/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 |
| IBM | Instana Agent | Timestamp lower than 12-11-2021 | Affected | Yes | [Status Instana](https://status.instana.io/incidents/4zgcd2gzf4jw) | | | 12/14/2021 |
| IBM | Internet Services | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 |
| IBM | Key Lifecyle Manager for z/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 |
| IBM | Key Lifecycle Manager for z/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 |
| IBM | Key Protect | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 |
| IBM | Knowledge Studio | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 |
| IBM | Kubernetes Service | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 |
@ -2410,7 +2410,7 @@ This list was initially populated using information from the following sources:
| Securonix | User and Entity Behavior Analytics(UEBA) | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 |
| Securonix | Security Analytics and Operations Platform (SOAR) | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 |
| Securonix | Extended Detection and Response (XDR) | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 |
| Seeburger | | | | | [Seeburger Service Desk Link](https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open) | This advisory is avaiable to customers only and has not been reviewed by CISA. | | |
| Seeburger | | | | | [Seeburger Service Desk Link](https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open) | This advisory is available to customers only and has not been reviewed by CISA. | | |
| SentinelOne | | | | | [SentinelOne Blog Post](https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/) | | | |
| Sentry | | | | | [Sentry Blog Post](https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228) | | | |
| SEP | | | | | [SEP Support Link](https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132) | | | |
@ -2475,8 +2475,8 @@ This list was initially populated using information from the following sources:
| SmileCDR | | | | | [SmileCDR Blog Post](https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228) | | | |
| Snakemake | Snakemake | 6.12.1 | Not Affected | | [https://snakemake.readthedocs.io/en/stable/](https://snakemake.readthedocs.io/en/stable/) | | | 12/21/2021 |
| Sn0m | | | | | [Sn0m Link](https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/) | | | |
| Snow Software | Snow Commander | 8.1 to 8.10.2 | Fixed | Yes | [Snow Software Commmunity Link](https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS) | | | |
| Snow Software | VM Access Proxy | v3.1 to v3.6 | Fixed | Yes | [Snow Software Commmunity Link](https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS) | | | |
| Snow Software | Snow Commander | 8.1 to 8.10.2 | Fixed | Yes | [Snow Software Community Link](https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS) | | | |
| Snow Software | VM Access Proxy | v3.1 to v3.6 | Fixed | Yes | [Snow Software Community Link](https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS) | | | |
| Snowflake | | | Not Affected | | [Snowflake Community Link](https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228) | | | |
| Snyk | Cloud Platform | |Not Affected | | [Snyk Updates](https://updates.snyk.io/snyk%27s-cloud-platform-all-clear-from-log4j-exploits-216499) | | | |
| Software AG | | | | | [Software AG](https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849) | | | |

Write Preview
Loading…
Cancel
Save