From 6c59992c1deb3ec49ef8d2060fc81966c33522c2 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 19 Jan 2022 12:15:09 -0500 Subject: [PATCH 1/7] Update cisagov_H.yml Updated versions with quotes --- data/cisagov_H.yml | 83 +++++++++++++++++++++++----------------------- 1 file changed, 41 insertions(+), 42 deletions(-) diff --git a/data/cisagov_H.yml b/data/cisagov_H.yml index ec3baf7..07d96e9 100644 --- a/data/cisagov_H.yml +++ b/data/cisagov_H.yml @@ -423,7 +423,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -453,7 +453,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -483,7 +483,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -512,7 +512,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - < 10.0.7 + - '< 10.0.7' unaffected_versions: [] cve-2021-45046: investigated: false @@ -543,7 +543,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -573,7 +573,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -603,7 +603,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - All + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -661,9 +661,9 @@ software: investigated: true affected_versions: [] fixed_versions: - - 1.21.7 - 1.22.9 - - 2.0.3 - 2.1.5 - - 2.2.0 - 3.0.2 + - '1.21.7-1.22.9' + - '2.0.3-2.1.5' + - '2.2.0-3.0.2' unaffected_versions: [] cve-2021-45046: investigated: false @@ -751,7 +751,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - Elasticsearch 5.0.0+ + - 'Elasticsearch 5.0.0+' unaffected_versions: [] cve-2021-45046: investigated: false @@ -813,7 +813,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - v6 + - 'v6' unaffected_versions: [] cve-2021-45046: investigated: false @@ -904,10 +904,10 @@ software: investigated: true affected_versions: [] fixed_versions: - - R15A - - R14B - - R14A - - R11B SP1 + - 'R15A' + - 'R14B' + - 'R14A' + - 'R11B SP1' unaffected_versions: [] cve-2021-45046: investigated: false @@ -921,10 +921,9 @@ software: unaffected_versions: [] vendor_links: - https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch - notes: A patch is available for releases R15A, R14B, R14A and R11B SP1. . For - details on how to apply such patch, please refer to the technical bulletin “FOXMAN-UN - - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi - Energy Customer Connect Portal. + notes: A patch is available for releases R15A, R14B, R14A and R11B SP1. . For details on how to apply such patch, + please refer to the technical bulletin “FOXMAN-UN Installation of Log4j Patch”, version A (1KHW029176) + available in the Hitachi Energy Customer Connect Portal. references: - '' last_updated: '2022-01-05T00:00:00' @@ -940,7 +939,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - R11A and R10 series + - 'R11A and R10 series' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1030,9 +1029,9 @@ software: investigated: true affected_versions: [] fixed_versions: - - v1.7.x - - v1.8.x - - v1.9.x + - 'v1.7.x' + - 'v1.8.x' + - 'v1.9.x' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1091,9 +1090,9 @@ software: investigated: true affected_versions: [] fixed_versions: - - 9.0 - 9.10.44 - - 9.1.1 - - 10.3.4 + - '9.0-9.10.44' + - '9.1.1' + - '10.3.4' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1123,7 +1122,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 9.1.0.32 - 9.1.0.44 + - '9.1.0.32-9.1.0.44' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1155,7 +1154,7 @@ software: fixed_versions: - '12.1' - '12.2' - - 19c + - '19c' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1187,8 +1186,8 @@ software: investigated: true affected_versions: [] fixed_versions: - - 3.7.15 - - 3.7.16 + - '3.7.15' + - '3.7.16' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1218,7 +1217,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 2.0.0 + - '2.0.0' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1249,10 +1248,10 @@ software: investigated: true affected_versions: [] fixed_versions: - - R15A - - R14B - - R14A - - R11B SP1 + - 'R15A' + - 'R14B' + - 'R14A' + - 'R11B SP1' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1285,7 +1284,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - R11A and R10 series + - 'R11A and R10 series' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1519,7 +1518,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - < v113 + - '< v113' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1549,7 +1548,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - < 1.0.6 + - '< 1.0.6' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1579,7 +1578,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - < 21.10.3 + - '< 21.10.3' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1609,8 +1608,8 @@ software: investigated: true affected_versions: [] fixed_versions: - - < 21.03.6 - - < 20.07.4 + - '< 21.03.6' + - '< 20.07.4' unaffected_versions: [] cve-2021-45046: investigated: false From 91e32617995dba68f61ff294f1e9d23e559ab400 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 19 Jan 2022 12:21:56 -0500 Subject: [PATCH 2/7] Update cisagov_H.yml Fix trailing whitespace --- data/cisagov_H.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/cisagov_H.yml b/data/cisagov_H.yml index 07d96e9..9138702 100644 --- a/data/cisagov_H.yml +++ b/data/cisagov_H.yml @@ -921,8 +921,8 @@ software: unaffected_versions: [] vendor_links: - https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch - notes: A patch is available for releases R15A, R14B, R14A and R11B SP1. . For details on how to apply such patch, - please refer to the technical bulletin “FOXMAN-UN Installation of Log4j Patch”, version A (1KHW029176) + notes: A patch is available for releases R15A, R14B, R14A and R11B SP1. . For details on how to apply such patch, + please refer to the technical bulletin “FOXMAN-UN Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. references: - '' From 712b6f12dac15838f79f4faf814855d20ebecc0d Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 19 Jan 2022 12:26:38 -0500 Subject: [PATCH 3/7] Update cisagov_H.yml Add HPE/Micro Focus Data Protector --- data/cisagov_H.yml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/data/cisagov_H.yml b/data/cisagov_H.yml index 9138702..f7a33fe 100644 --- a/data/cisagov_H.yml +++ b/data/cisagov_H.yml @@ -5399,6 +5399,36 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' + - vendor: HPE/Micro Focus + product: Data Protector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: + - '9.09' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://portal.microfocus.com/s/article/KM000003243 + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - https://portal.microfocus.com/s/article/KM000003050 + last_updated: '2021-12-17T00:00:00' - vendor: HOLOGIC product: Advanced Workflow Manager (AWM) cves: From 0c9b7f1de64be9c75a3ae379baaf764c50f3e933 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 19 Jan 2022 12:37:40 -0500 Subject: [PATCH 4/7] Update cisagov_M.yml Update versions with quotes --- data/cisagov_M.yml | 50 +++++++++++++++++++++++----------------------- 1 file changed, 25 insertions(+), 25 deletions(-) diff --git a/data/cisagov_M.yml b/data/cisagov_M.yml index 5e33f8f..a2f5906 100644 --- a/data/cisagov_M.yml +++ b/data/cisagov_M.yml @@ -73,7 +73,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 11305 and below + - '< 11305' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -105,7 +105,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Build 6.1 build 6114 + - 'Build 6.1 build 6114' cve-2021-45046: investigated: false affected_versions: [] @@ -161,7 +161,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -191,7 +191,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -221,7 +221,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -251,7 +251,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -281,7 +281,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -311,7 +311,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -341,7 +341,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -371,7 +371,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -401,7 +401,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -431,7 +431,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -461,7 +461,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -491,7 +491,7 @@ software: cve-2021-44228: investigated: false affected_versions: - - On-Prem + - 'On-Prem' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -610,7 +610,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 1.59.10+ + - '1.59.10+' unaffected_versions: [] cve-2021-45046: investigated: false @@ -950,7 +950,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 5.10 CU11 + - '5.10 CU11' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1344,7 +1344,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 11.5.3 + - '11.5.3' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1747,7 +1747,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - < 2.3.10 + - '< 2.3.10' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -1777,7 +1777,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - < 2.3.10 + - '< 2.3.10' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -1807,7 +1807,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 2019.0 - 2020.1 + - '2019.0 - 2020.1' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -1895,7 +1895,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 2018.2+ + - '2018.2+' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -2568,8 +2568,8 @@ software: cve-2021-44228: investigated: true affected_versions: - - 3.x - - 4.x + - '3.x' + - '4.x' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -2600,7 +2600,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 6.x + - '6.x' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -2661,7 +2661,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 7.x + - '7.x' fixed_versions: [] unaffected_versions: [] cve-2021-45046: From e18b1af8b97479c25d56e20e5b346fd06d90f4e6 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 19 Jan 2022 12:41:06 -0500 Subject: [PATCH 5/7] Update cisagov_M.yml remove obsolete microfocus entry --- data/cisagov_M.yml | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/data/cisagov_M.yml b/data/cisagov_M.yml index a2f5906..f986f04 100644 --- a/data/cisagov_M.yml +++ b/data/cisagov_M.yml @@ -1649,35 +1649,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' - - vendor: MicroFocus - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228 - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - vendor: Microsoft product: Azure Application Gateway cves: From c340a009e9446fe180b540ad585934b066737042 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 19 Jan 2022 12:45:30 -0500 Subject: [PATCH 6/7] Update cisagov_M.yml Update Micro Focus entry --- data/cisagov_M.yml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/data/cisagov_M.yml b/data/cisagov_M.yml index f986f04..7b7ddf6 100644 --- a/data/cisagov_M.yml +++ b/data/cisagov_M.yml @@ -1914,6 +1914,45 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: Micro Focus + product: Data Protector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '10.20' + - '10.30' + - '10.40' + - '10.50' + - '10.60' + - '10.70' + - '10.80' + - '10.90' + - '10.91' + - '11.00' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://portal.microfocus.com/s/article/KM000003052 + notes: '' + references: + - https://portal.microfocus.com/s/article/KM000003050 + last_updated: '2021-12-13T00:00:00' - vendor: Midori Global product: '' cves: From 253424a8105acfdc3284acb971039ff7ee8d8a9d Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 19 Jan 2022 12:48:05 -0500 Subject: [PATCH 7/7] Update cisagov_H.yml Update Micro Focus Entry --- data/cisagov_H.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/cisagov_H.yml b/data/cisagov_H.yml index f7a33fe..c2ac23c 100644 --- a/data/cisagov_H.yml +++ b/data/cisagov_H.yml @@ -5408,7 +5408,7 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: - '9.09'