1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-24 17:30:47 +00:00

Merge branch 'master' of https://github.com/CodeAlligator/log4j-affected-db.git into Salesforce-Statuses

This commit is contained in:
Paul Schrauder 2022-01-26 16:59:48 -06:00
commit 78b084179e
30 changed files with 25466 additions and 13512 deletions

View file

@ -68,6 +68,12 @@ jobs:
run: pip install --upgrade --requirement config/requirements.txt
- name: Create the branch for test validation
run: git switch --create ${{ needs.setup.outputs.testing_branch }}
- name: Normalize individual cisagov_*.yml files
run: |
for file in data/cisagov_*yml; do \
normalize-yml --cisagov-format "$file" > "$file".tmp; \
mv --force "$file".tmp "$file"; \
done
- name: Update the comprehensive cisagov YAML file
run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml
- name: Generate a normalized YAML file from all source YAML files
@ -84,7 +90,7 @@ jobs:
commit_user_name: ${{ needs.setup.outputs.git_user }}
commit_user_email: ${{ needs.setup.outputs.git_email }}
commit_author: ${{ needs.setup.outputs.git_author }}
file_pattern: SOFTWARE-LIST.md data/cisagov.yml
file_pattern: SOFTWARE-LIST.md data/cisagov*.yml
merge_list_update:
runs-on: ubuntu-latest
needs:

View file

@ -231,10 +231,10 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -949,8 +949,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Elastic | Kibana | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Logstash | <6.8.21, <7.16.1 | | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Machine Learning | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Elastic | Swiftype | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ellucian | Admin | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Analytics | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Document Management (includes Banner Document Retention) | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
@ -1180,6 +1180,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| GoAnywhere | MFT | < 6.8.6 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoAnywhere | MFT Agents | < 1.6.5 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoCD | | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
| Google Cloud | Access Transparency | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Actifio | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AI Platform Data Labeling | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
@ -1309,14 +1310,12 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Google Cloud | Virtual Private Cloud | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Web Security Scanner | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Workflows | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
| Gradle | Gradle | | | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise | < 2021.3.6 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise Build Cache Node | < 10.1 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise Test Distribution Agent | < 1.6.2 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Grafana | | | | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Grandstream | | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -1324,6 +1323,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravwell | | | | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GreenShot | | | | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -1396,7 +1396,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
@ -1508,7 +1512,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| HPE | OfficeConnect | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Primera Storage | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | RepoServer part of OPA (on Premises aggregator) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Not Affected | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | RESTful Interface Tool (iLOREST) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | SAT (System Admin Toolkit) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Scripting Tools for Windows PowerShell (HPEiLOCmdlets) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
@ -1526,11 +1530,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -2019,6 +2019,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2032,8 +2034,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
@ -2217,6 +2217,99 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| OxygenXML | Web Author | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | WebHelp | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PagerDuty | PagerDuty SaaS | | | Unknown | [link](https://support.pagerduty.com/docs/pagerduty-log4j-zero-day-vulnerability) | We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Palantir | Palantir AI Inference Platform (AIP) | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Palantir | Palantir Apollo | | | Not Affected | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact, and updates have been deployed for full remediation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Palantir | Palantir Foundry | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Palantir | Palantir Gotham | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Palo-Alto Networks | Bridgecrew | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | CloudGenix | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Cortex Data Lake | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Cortex XDR Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Cortex Xpanse | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Cortex XSOAR | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Expedition | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | GlobalProtect App | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | IoT Security | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Okyo Grade | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Palo-Alto Networks-OS for Firewall and Wildfire | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Palo-Alto Networks-OS for Panorama | 9.0, 9.1, 10.0 | | Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Palo-Alto Networks | Prisma Access | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Prisma Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Prisma Cloud Compute | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | SaaS Security | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | User-ID Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | WildFire Appliance | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | WildFire Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Panopto | | | | Unknown | [link](https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PaperCut | PaperCut MF | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut NG | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Parallels | | | | Unknown | [link](https://kb.parallels.com/en/128696) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Parse.ly | | | | Unknown | [link](https://blog.parse.ly/parse-ly-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PBXMonitor | RMM for 3CX PBX | | | Unknown | [link](https://www.pbxmonitor.net/changelog.php) | Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Pega | | | | Unknown | [link](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pentaho | | | | Unknown | [link](https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pepperl+Fuchs | | | | Unknown | [link](https://www.pepperl-fuchs.com/global/en/29079.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Percona | | | | Unknown | [link](https://www.percona.com/blog/log4jshell-vulnerability-update/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | | | | Unknown | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Phenix Id | | | | Unknown | [link](https://support.phenixid.se/uncategorized/log4j-fix/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Philips | Multiple products | | | Unknown | [link](https://www.philips.com/a-w/security/security-advisories.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PHOENIX CONTACT | Cloud Services | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | Partly affected. Remediations are being implemented. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| PHOENIX CONTACT | Physical products containing firmware | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| PHOENIX CONTACT | Software Products | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Ping Identity | PingAccess | 4.0 <= version <= 6.3.2 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingCentral | | | Unknown | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingFederate | 8.0 <= version <= 10.3.4 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingFederate Java Integration Kit | < 2.7.2 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingFederate OAuth Playground | < 4.3.1 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingIntelligence | | | Unknown | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pitney Bowes | | | | Unknown | [link](https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Planmeca | | | | Unknown | [link](https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Planon Software | | | | Unknown | [link](https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Platform.SH | | | | Unknown | [link](https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Plesk | | | | Unknown | [link](https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Plex | Plex Industrial IoT | | | Unknown | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Polycom | | | | Unknown | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Portainer | | | | Unknown | [link](https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PortSwigger | | | | Unknown | [link](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PostGreSQL | | | | Unknown | [link](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Postman | | | | Unknown | [link](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Power Admin LLC | PA File Sight | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Power Admin LLC | PA Server Monitor | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Power Admin LLC | PA Storage Monitor | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Pretix | | | | Unknown | [link](https://pretix.eu/about/de/blog/20211213-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PrimeKey | | | | Unknown | [link](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Progress / IpSwitch | | | | Unknown | [link](https://www.progress.com/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ProofPoint | | | | Unknown | [link](https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ProSeS | | | | Unknown | [link](https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Prosys | | | | Unknown | [link](https://prosysopc.com/news/important-security-release/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Proxmox | | | | Unknown | [link](https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PRTG Paessler | | | | Unknown | [link](https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTC | Axeda Platform | 6.9.2 | | Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingsWorx Analytics | 8.5, 9.0, 9.1, 9.2, All supported versions | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingsWorx Platform | 8.5, 9.0, 9.1, 9.2, All supported versions | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTV Group | | | | Unknown | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Ivanti Connect Secure (ICS) | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Ivanti Neurons for secure Access | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Ivanti Neurons for secure Access | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Ivanti Neurons for ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Ivanti Neurons for ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Connect Secure | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Desktop Client | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Mobile Client | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse One | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Policy Secure | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Secure Services Director | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Secure Virtual Traffic Manager | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Secure Web Application Firewall | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Puppet | | | | Unknown | [link](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pure Storage | | | | Unknown | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pure Storage | Cloud Blockstore | CBS6.1.x, CBS6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/27/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | Flash Array | 5.3.x, 6.0.x, 6.1.x, 6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/20/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | FlashBlade | 3.1.x, 3.2.x, 3.3.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/24/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | PortWorx | 2.8.0+ | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | Pure1 | | N/A | Fixed | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pyramid Analytics | | | | Unknown | [link](https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QF-Test | | | | Unknown | [link](https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Qlik | | | | Unknown | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QMATIC | Appointment Booking | 2.4+ | | Affected | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | Update to v. 2.8.2 which contains log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
@ -2228,6 +2321,102 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| QSC Q-SYS | | | | Unknown | [link](https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QT | | | | Unknown | [link](https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Quest Global | | | | Unknown | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| R | R | | | Not Affected | [link](https://www.r-project.org/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| R2ediviewer | | | | Unknown | [link](https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Radware | | | | Unknown | [link](https://support.radware.com/app/answers/answer_view/a_id/1029752) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Rapid7 | AlcidekArt, kAdvisor, and kAudit | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | AppSpider Enterprise | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | AppSpider Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Insight Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightCloudSec/DivvyCloud | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightConnect Orchestrator | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightIDR Network Sensor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightIDR/InsightOps Collector & Event Sources | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightOps DataHub | InsightOps DataHub <= 2.0 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightOps non-Java logging libraries | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightOps r7insight_java logging library | <=3.0.8 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightVM Kubernetes Monitor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightVM/Nexpose | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightVM/Nexpose Console | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightVM/Nexpose Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | IntSights virtual appliance | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Logentries DataHub | Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these [instructions](https://docs.logentries.com/docs/datahub-windows). You can find more details [here](https://docs.logentries.com/docs/datahub-linux). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Logentries le_java logging library | All versions: this is a deprecated component | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Metasploit Framework | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Metasploit Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | tCell Java Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Velociraptor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Raritan | | | | Unknown | [link](https://www.raritan.com/support) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ravelin | | | | Unknown | [link](https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Real-Time Innovations (RTI) | Distributed Logger | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | Recording Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Administration Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Code Generator | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Code Generator Server | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Professional 6.0.0 and 6.0.1 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Monitor | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Red Hat | log4j-core | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Integration Camel K | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat build of Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat CodeReady Studio | | 12.21.0 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Data Grid | | 8 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Decision Manager | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat Integration Camel Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat JBoss A-MQ Streaming | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat JBoss Enterprise Application Platform | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat JBoss Fuse | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Process Automation | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Single Sign-On | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Vert.X | | 4 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Satellite 5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Spacewalk | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch6 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-hive | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-presto | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Logging | logging-elasticsearch6-container | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenStack Platform 13 (Queens) | opendaylight | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | End of Life | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat Software Collections | rh-java-common-log4j | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat Software Collections | rh-maven35-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat Software Collections | rh-maven36-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red5Pro | | | | Unknown | [link](https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RedGate | | | | Unknown | [link](https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Redis | | | | Unknown | [link](https://redis.com/security/notice-apache-log4j2-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Reiner SCT | | | | Unknown | [link](https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ReportURI | | | | Unknown | [link](https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ResMed | AirView | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| ResMed | myAir | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Respondus | | | | Unknown | [link](https://support.respondus.com/support/index.php?/News/NewsItem/View/339) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Revenera / Flexera | | | | Unknown | [link](https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ricoh | | | | Unknown | [link](https://www.ricoh.com/info/2021/1215_1/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RingCentral | | | | Unknown | [link](https://www.ringcentral.com/trust-center/security-bulletin.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Riverbed | | | | Unknown | [link](https://supportkb.riverbed.com/support/index?page=content&id=S35645) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Rockwell Automation | FactoryTalk Analytics DataFlowML | 4.00.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | FactoryTalk Analytics DataView | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | Industrial Data Center | | Gen 1, Gen 2, Gen 3, Gen 3.5 | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | MES EIG | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | VersaVirtual | | Series A | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | Warehouse Management | 4.01.00, 4.02.00, 4.02.01, 4.02.02 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rollbar | | | | Unknown | [link](https://rollbar.com/blog/log4j-zero-day-2021-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Rosette.com | | | | Unknown | [link](https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Authentication Manager | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Authentication Manager Prime | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Authentication Manager WebTier | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Governance and Lifecycle | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Governance and Lifecycle Cloud | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Identity Router | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA Netwitness | | | | Unknown | [link](https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Rstudioapi | Rstudioapi | | | Not Affected | [link](https://github.com/rstudio/rstudioapi) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Rubrik | | | | Unknown | [link](https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ruckus | Virtual SmartZone (vSZ) | 5.1 to 6.0 | | Affected | [link](https://support.ruckuswireless.com/security_bulletins/313) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| RunDeck by PagerDuty | | | | Unknown | [link](https://docs.rundeck.com/docs/history/CVEs/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Runecast | Runecast Analyzer | | 6.0.3 | Fixed | [link](https://www.runecast.com/release-notes) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SAE-IT | | | | Unknown | [link](https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SAFE FME Server | | | | Unknown | [link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@ -2319,6 +2508,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2356,8 +2547,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
@ -2458,8 +2647,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
@ -2750,7 +2939,14 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Western Digital | | | | Unknown | [link](https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WIBU Systems | CodeMeter Cloud Lite | 2.2 and prior | | Affected | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| WIBU Systems | CodeMeter Keyring for TIA Portal | 1.30 and prior | | Affected | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | Only the Password Manager is affected | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| WindRiver | | | | Unknown | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wind River | LTS17 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS18 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS19 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS21 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wind River | WRL-6 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-7 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-8 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-9 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| WireShark | | | | Unknown | [link](https://gitlab.com/wireshark/wireshark/-/issues/17783) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wistia | | | | Unknown | [link](https://status.wistia.com/incidents/jtg0dfl5l224) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WitFoo | | | | Unknown | [link](https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

View file

@ -1 +1 @@
https://github.com/cisagov/log4j-md-yml/archive/v1.1.0.tar.gz
https://github.com/cisagov/log4j-md-yml/archive/v1.1.1.tar.gz

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -33,35 +33,6 @@ software:
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Baxter
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BackBox
product: ''
cves:
@ -207,8 +178,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: BBraun
product: Outlook® Safety Infusion System Pump family
- vendor: Baxter
product: ''
cves:
cve-2021-4104:
investigated: false
@ -231,43 +202,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
- https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
Space® Infusion
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Pump, SpaceStation, and Space® Wireless Battery)
product: APEX® Compounder
cves:
cve-2021-4104:
investigated: false
@ -324,6 +265,35 @@ software:
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Outlook® Safety Infusion System Pump family
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Pinnacle® Compounder
cves:
@ -354,7 +324,37 @@ software:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: APEX® Compounder
product: Pump, SpaceStation, and Space® Wireless Battery)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BBraun
product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor®
Space® Infusion
cves:
cve-2021-4104:
investigated: false
@ -614,6 +614,35 @@ software:
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Knowledge Portal for BD Pyxis™ Supply
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Knowledge Portal for Infusion Technologies
cves:
@ -672,35 +701,6 @@ software:
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Knowledge Portal for BD Pyxis™ Supply
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: BD
product: BD Synapsys™ Informatics Solution
cves:
@ -1049,35 +1049,6 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: BioMerieux
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.biomerieux.com/en/cybersecurity-data-privacy
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Bender
product: ''
cves:
@ -1256,6 +1227,35 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: BioMerieux
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.biomerieux.com/en/cybersecurity-data-privacy
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: BisectHosting
product: ''
cves:
@ -2590,35 +2590,6 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Boston Scientific
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Bosch
product: ''
cves:
@ -2648,6 +2619,35 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Boston Scientific
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Box
product: ''
cves:
@ -4067,7 +4067,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Broadcom
product: Symantec Protection Engine (SPE)
cves:
@ -4096,7 +4096,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Broadcom
product: Symantec Protection for SharePoint Servers (SPSS)
cves:
@ -4125,7 +4125,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Broadcom
product: VIP
cves:
@ -4154,7 +4154,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Broadcom
product: VIP Authentication Hub
cves:
@ -4183,7 +4183,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Broadcom
product: Web Isolation (WI)
cves:
@ -4212,7 +4212,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Broadcom
product: Web Security Service (WSS)
cves:
@ -4241,7 +4241,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Broadcom
product: WebPulse
cves:
@ -4270,5 +4270,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:51+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F-Secure
product: Endpoint Proxy
cves:
@ -62,7 +62,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F-Secure
product: Messaging Security Gateway
cves:
@ -91,7 +91,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F-Secure
product: Policy Manager
cves:
@ -121,7 +121,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F-Secure
product: Policy Manager Proxy
cves:
@ -151,7 +151,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: BIG-IP (all modules)
cves:
@ -181,7 +181,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: BIG-IQ Centralized Management
cves:
@ -211,7 +211,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: F5OS
cves:
@ -241,7 +241,247 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: NGINX App Protect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: NGINX Controller
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: NGINX Ingress Controller
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x - 2.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: NGINX Instance Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: NGINX Open Source
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: NGINX Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- R19 - R25
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: NGINX Service Mesh
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: NGINX Unit
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: F5
product: Traffix SDC
cves:
@ -273,247 +513,7 @@ software:
Kibana), Element Management System'
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Plus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- R19 - R25
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Open Source
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Unit
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX App Protect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Controller
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Ingress Controller
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x - 2.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Instance Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
- vendor: F5
product: NGINX Service Mesh
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.f5.com/csp/article/K19026212
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FAST LTA
product: ''
cves:
@ -542,7 +542,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fastly
product: ''
cves:
@ -571,7 +571,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FedEx
product: Ship Manager Software
cves:
@ -668,7 +668,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FileCatalyst
product: ''
cves:
@ -697,7 +697,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FileCloud
product: ''
cves:
@ -726,7 +726,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FileWave
product: ''
cves:
@ -755,7 +755,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FINVI
product: ''
cves:
@ -784,7 +784,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FireDaemon
product: ''
cves:
@ -813,7 +813,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fisher & Paykel Healthcare
product: ''
cves:
@ -871,7 +871,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Flexera
product: ''
cves:
@ -900,7 +900,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Forcepoint
product: DLP Manager
cves:
@ -929,7 +929,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Forcepoint
product: Forcepoint Cloud Security Gateway (CSG)
cves:
@ -958,7 +958,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Forcepoint
product: Next Generation Firewall (NGFW)
cves:
@ -987,7 +987,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Forcepoint
product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service
and Sidewinder
@ -1017,7 +1017,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Forcepoint
product: One Endpoint
cves:
@ -1046,7 +1046,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Forcepoint
product: Security Manager (Web, Email and DLP)
cves:
@ -1075,7 +1075,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Forescout
product: ''
cves:
@ -1104,7 +1104,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ForgeRock
product: Autonomous Identity
cves:
@ -1133,7 +1133,7 @@ software:
notes: all other ForgeRock products Not vulnerable
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiAIOps
cves:
@ -1162,7 +1162,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiAnalyzer
cves:
@ -1191,7 +1191,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiAnalyzer Cloud
cves:
@ -1220,7 +1220,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiAP
cves:
@ -1249,7 +1249,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiAuthenticator
cves:
@ -1278,7 +1278,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiCASB
cves:
@ -1307,7 +1307,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiConvertor
cves:
@ -1336,7 +1336,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiDeceptor
cves:
@ -1365,7 +1365,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiEDR Agent
cves:
@ -1394,7 +1394,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiEDR Cloud
cves:
@ -1423,7 +1423,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiGate Cloud
cves:
@ -1452,7 +1452,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiGSLB Cloud
cves:
@ -1481,7 +1481,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiMail
cves:
@ -1510,7 +1510,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiManager
cves:
@ -1539,7 +1539,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiManager Cloud
cves:
@ -1568,7 +1568,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiNAC
cves:
@ -1597,7 +1597,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiNAC
cves:
@ -1626,7 +1626,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiOS (includes FortiGate & FortiWiFi)
cves:
@ -1655,7 +1655,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiPhish Cloud
cves:
@ -1684,7 +1684,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiPolicy
cves:
@ -1713,7 +1713,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiPortal
cves:
@ -1742,7 +1742,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiRecorder
cves:
@ -1771,7 +1771,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiSIEM
cves:
@ -1800,7 +1800,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiSOAR
cves:
@ -1829,7 +1829,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiSwicth Cloud in FortiLANCloud
cves:
@ -1858,7 +1858,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiSwitch & FortiSwitchManager
cves:
@ -1887,7 +1887,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiToken Cloud
cves:
@ -1916,7 +1916,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiVoice
cves:
@ -1945,7 +1945,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: FortiWeb Cloud
cves:
@ -1974,7 +1974,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fortinet
product: ShieldX
cves:
@ -2003,7 +2003,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FTAPI
product: ''
cves:
@ -2032,7 +2032,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Fujitsu
product: ''
cves:
@ -2061,7 +2061,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: FusionAuth
product: FusionAuth
cves:
@ -2091,5 +2091,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

View file

@ -64,6 +64,35 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Asset Performance Management (APM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
notes: GE verifying workaround.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Baseline Security Center (BSC)
cves:
@ -124,35 +153,6 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Asset Performance Management (APM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf
notes: GE verifying workaround.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: GE Gas Power
product: Control Server
cves:
@ -270,7 +270,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Genesys
product: ''
cves:
@ -299,7 +299,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GeoServer
product: ''
cves:
@ -328,7 +328,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gerrit code review
product: ''
cves:
@ -357,7 +357,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GFI
product: ''
cves:
@ -386,7 +386,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ghidra
product: ''
cves:
@ -415,7 +415,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gigamon
product: Fabric Manager
cves:
@ -505,7 +505,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Globus
product: ''
cves:
@ -534,9 +534,9 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:52+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GoAnywhere
product: MFT
product: Gateway
cves:
cve-2021-4104:
investigated: false
@ -546,7 +546,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 6.8.6
- < 2.8.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -566,7 +566,7 @@ software:
- ''
last_updated: '2021-12-18T00:00:00'
- vendor: GoAnywhere
product: Gateway
product: MFT
cves:
cve-2021-4104:
investigated: false
@ -576,7 +576,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- < 2.8.4
- < 6.8.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -679,10 +679,73 @@ software:
unaffected_versions: []
vendor_links:
- https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html
notes: Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability.
notes: Chrome Browser releases, infrastructure and admin console are not using
versions of Log4j affected by the vulnerability.
references:
- ''
last_updated: '2022-01-14'
- vendor: Google Cloud
product: Access Transparency
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Actifio
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
for the full statement and to obtain the hotfix (available to Actifio customers
only).
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: AI Platform Data Labeling
cves:
@ -773,68 +836,6 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Access Transparency
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Actifio
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and
has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com)
for the full statement and to obtain the hotfix (available to Actifio customers
only).
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos
cves:
@ -988,6 +989,40 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos on VMWare
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
to their VMware products as they become available. We also recommend customers
review their respective applications and workloads affected by the same vulnerabilities
and apply appropriate patches.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos Premium Software
cves:
@ -1048,40 +1083,6 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Anthos on VMWare
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check
VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds
to their VMware products as they become available. We also recommend customers
review their respective applications and workloads affected by the same vulnerabilities
and apply appropriate patches.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Apigee
cves:
@ -1792,36 +1793,6 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud DNS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: Cloud Data Loss Prevention
cves:
@ -1912,6 +1883,36 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud DNS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: Cloud Endpoints
cves:
@ -2036,7 +2037,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Intrusion Detection System (IDS)
product: Cloud Interconnect
cves:
cve-2021-4104:
investigated: false
@ -2066,7 +2067,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Interconnect
product: Cloud Intrusion Detection System (IDS)
cves:
cve-2021-4104:
investigated: false
@ -2185,36 +2186,6 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Network Address Translation (NAT)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: Cloud Natural Language API
cves:
@ -2245,6 +2216,36 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud Network Address Translation (NAT)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: Cloud Profiler
cves:
@ -2372,7 +2373,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud SDK
product: Cloud Scheduler
cves:
cve-2021-4104:
investigated: false
@ -2402,37 +2403,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud SQL
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-19T00:00:00'
- vendor: Google Cloud
product: Cloud Scheduler
product: Cloud SDK
cves:
cve-2021-4104:
investigated: false
@ -2554,6 +2525,36 @@ software:
references:
- ''
last_updated: '2021-12-19T00:00:00'
- vendor: Google Cloud
product: Cloud SQL
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-19T00:00:00'
- vendor: Google Cloud
product: Cloud Storage
cves:
@ -2704,36 +2705,6 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud VPN
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: Cloud Vision
cves:
@ -2794,6 +2765,36 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Google Cloud
product: Cloud VPN
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cloud.google.com/log4j2-security-advisory
notes: Product does not use Log4j 2 and is not impacted by the issues identified
in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Google Cloud
product: CompilerWorks
cves:
@ -4656,7 +4657,7 @@ software:
notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used.
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gradle
product: Gradle Enterprise
cves:
@ -4686,7 +4687,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gradle
product: Gradle Enterprise Build Cache Node
cves:
@ -4716,7 +4717,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gradle
product: Gradle Enterprise Test Distribution Agent
cves:
@ -4746,7 +4747,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Grafana
product: ''
cves:
@ -4775,7 +4776,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Grandstream
product: ''
cves:
@ -4804,7 +4805,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee
product: Access Management
cves:
@ -4834,7 +4835,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee
product: Access Management
cves:
@ -4864,67 +4865,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: API Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Gravitee
product: API Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee
product: Alert Engine
cves:
@ -4954,7 +4895,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee
product: Alert Engine
cves:
@ -4984,7 +4925,67 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee
product: API Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.10.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee
product: API Management
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 3.5.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee
product: Cockpit
cves:
@ -5014,7 +5015,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravitee.io
product: ''
cves:
@ -5043,7 +5044,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Gravwell
product: ''
cves:
@ -5072,7 +5073,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Graylog
product: Graylog Server
cves:
@ -5102,7 +5103,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GreenShot
product: ''
cves:
@ -5131,7 +5132,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: GSA
product: Cloud.gov
cves:
@ -5189,5 +5190,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: K6
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Karakun
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kaseya
product: ''
cves:
@ -119,7 +119,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Keeper Security
product: ''
cves:
@ -148,7 +148,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: KEMP
product: ''
cves:
@ -177,7 +177,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: KEMP 2
product: ''
cves:
@ -206,7 +206,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kofax
product: ''
cves:
@ -235,7 +235,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Konica Minolta
product: ''
cves:
@ -264,7 +264,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kronos UKG
product: ''
cves:
@ -293,7 +293,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Kyberna
product: ''
cves:
@ -322,5 +322,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: L3Harris Geospatial
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lancom Systems
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lansweeper
product: ''
cves:
@ -119,7 +119,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Laserfiche
product: ''
cves:
@ -148,7 +148,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LastPass
product: ''
cves:
@ -177,7 +177,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LaunchDarkly
product: ''
cves:
@ -206,7 +206,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leanix
product: ''
cves:
@ -235,7 +235,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Leica BIOSYSTEMS
product: Aperio AT2
cves:
@ -613,35 +613,6 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND Controller
cves:
@ -671,64 +642,6 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND RX
cves:
@ -787,6 +700,93 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-ADVANCE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-III
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: BOND-MAX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.leicabiosystems.com/about/product-security/
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Leica BIOSYSTEMS
product: CEREBRO
cves:
@ -2415,7 +2415,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Let's Encrypt
product: ''
cves:
@ -2444,7 +2444,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LibreNMS
product: ''
cves:
@ -2473,7 +2473,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeRay
product: ''
cves:
@ -2502,7 +2502,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LifeSize
product: ''
cves:
@ -2531,7 +2531,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lightbend
product: ''
cves:
@ -2560,7 +2560,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lime CRM
product: ''
cves:
@ -2589,7 +2589,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LIONGARD
product: ''
cves:
@ -2618,7 +2618,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiquidFiles
product: ''
cves:
@ -2647,7 +2647,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LiveAction
product: ''
cves:
@ -2676,7 +2676,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Loftware
product: ''
cves:
@ -2705,7 +2705,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LOGalyze
product: SIEM & log analyzer tool
cves:
@ -2766,7 +2766,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogicMonitor
product: LogicMonitor Platform
cves:
@ -2795,7 +2795,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogMeIn
product: ''
cves:
@ -2824,7 +2824,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LogRhythm
product: ''
cves:
@ -2853,7 +2853,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Looker
product: Looker
cves:
@ -2888,7 +2888,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: LucaNet
product: ''
cves:
@ -2917,7 +2917,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lucee
product: ''
cves:
@ -2946,7 +2946,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Lyrasis
product: Fedora Repository
cves:

File diff suppressed because it is too large Load diff

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nagios
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NAKIVO
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: National Instruments
product: OptimalPlus
cves:
@ -102,9 +102,9 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- 'Vertica'
- 'Cloudera'
- 'Logstash'
- Vertica
- Cloudera
- Logstash
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -136,7 +136,7 @@ software:
investigated: true
affected_versions:
- '>4.2'
- '<4..2.12'
- <4..2.12
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -182,7 +182,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netcup
product: ''
cves:
@ -211,7 +211,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NetGate PFSense
product: ''
cves:
@ -240,7 +240,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Netwrix
product: ''
cves:
@ -269,7 +269,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: New Relic
product: Containerized Private Minion (CPM)
cves:
@ -282,7 +282,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- '3.0.57'
- 3.0.57
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -312,7 +312,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '<7.4.3'
- <7.4.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -360,7 +360,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nextflow
product: Nextflow
cves:
@ -374,7 +374,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- '21.04.0.5552'
- 21.04.0.5552
cve-2021-45046:
investigated: false
affected_versions: []
@ -448,7 +448,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NinjaRMM
product: ''
cves:
@ -478,7 +478,7 @@ software:
by CISA
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nomachine
product: ''
cves:
@ -507,7 +507,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NoviFlow
product: ''
cves:
@ -536,7 +536,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Backlog
cves:
@ -566,7 +566,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Backlog Enterprise (On-premises)
cves:
@ -596,7 +596,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Cacoo
cves:
@ -626,7 +626,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Cacoo Enterprise (On-premises)
cves:
@ -656,7 +656,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nulab
product: Typetalk
cves:
@ -686,7 +686,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Nutanix
product: AHV
cves:
@ -1342,35 +1342,6 @@ software:
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: LCM
cves:
@ -1401,6 +1372,35 @@ software:
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Leap
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://download.nutanix.com/alerts/Security_Advisory_0023.pdf
notes: Saas-Based Procuct. See Advisory.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Nutanix
product: Mine
cves:
@ -1758,7 +1758,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: NXLog
product: ''
cves:
@ -1787,5 +1787,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OCLC
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Octopus
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Okta
product: Advanced Server Access
cves:
@ -294,6 +294,36 @@ software:
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta RADIUS Server Agent
cves:
@ -382,36 +412,6 @@ software:
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Okta
product: Okta On-Prem MFA Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 1.4.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Onespan
product: ''
cves:
@ -440,7 +440,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Opengear
product: ''
cves:
@ -469,7 +469,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenMRS TALK
product: ''
cves:
@ -498,7 +498,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenNMS
product: ''
cves:
@ -527,7 +527,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenSearch
product: ''
cves:
@ -556,7 +556,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OpenText
product: ''
cves:
@ -586,37 +586,6 @@ software:
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
fixed_versions:
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
notes: The Log4j vulnerability affects all products running groov View software
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
cves:
@ -710,6 +679,37 @@ software:
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Opto 22
product: GRV-EPIC-PR1, GRV-EPIC-PR2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.3.2
fixed_versions:
- 3.3.2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
notes: The Log4j vulnerability affects all products running groov View software
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Oracle
product: ''
cves:
@ -741,7 +741,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Oracle
product: Exadata
product: Enterprise Manager
cves:
cve-2021-4104:
investigated: false
@ -751,7 +751,8 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- <21.3.4
- '13.5'
- 13.4 & 13.3.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -773,7 +774,7 @@ software:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Oracle
product: Enterprise Manager
product: Exadata
cves:
cve-2021-4104:
investigated: false
@ -783,8 +784,7 @@ software:
cve-2021-44228:
investigated: true
affected_versions:
- '13.5'
- 13.4 & 13.3.2
- <21.3.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -833,7 +833,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium
product: PAM
cves:
@ -862,7 +862,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium
product: PEM
cves:
@ -891,7 +891,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Osirium
product: PPA
cves:
@ -920,7 +920,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OTRS
product: ''
cves:
@ -949,7 +949,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OVHCloud
product: ''
cves:
@ -978,7 +978,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OwnCloud
product: ''
cves:
@ -1007,7 +1007,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: OxygenXML
product: Author
cves:

File diff suppressed because it is too large Load diff

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Qlik
product: ''
cves:
@ -61,37 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
- vendor: QMATIC
product: Orchestra Central
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 6.0+
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: QMATIC
product: Appointment Booking
cves:
@ -122,6 +92,36 @@ software:
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: QMATIC
product: Appointment Booking
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Cloud/Managed Service
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: log4j 2.16 applied 2021-12-15
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: QMATIC
product: Insights
cves:
@ -153,7 +153,7 @@ software:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: QMATIC
product: Appointment Booking
product: Orchestra Central
cves:
cve-2021-4104:
investigated: false
@ -162,10 +162,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Cloud/Managed Service
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- 6.0+
cve-2021-45046:
investigated: false
affected_versions: []
@ -178,7 +178,7 @@ software:
unaffected_versions: []
vendor_links:
- https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability
notes: log4j 2.16 applied 2021-12-15
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
@ -210,7 +210,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: QOPPA
product: ''
cves:
@ -239,7 +239,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: QSC Q-SYS
product: ''
cves:
@ -268,7 +268,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: QT
product: ''
cves:
@ -297,7 +297,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Quest Global
product: ''
cves:
@ -326,5 +326,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:55+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

View file

@ -33,7 +33,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ubiquiti
product: UniFi Network Controller
cves:
@ -93,123 +93,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Umbraco
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: UniFlow
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unify ATOS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Unimus
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: UiPath
product: InSights
cves:
@ -240,6 +124,122 @@ software:
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Umbraco
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: UniFlow
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.uniflow.global/en/security/security-and-maintenance/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unify ATOS
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Unimus
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: USSIGNAL MSP
product: ''
cves:
@ -268,5 +268,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

View file

@ -4,35 +4,6 @@ owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Varian
product: Acuity
cves:
@ -63,36 +34,6 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA Connect (Cloverleaf)
cves:
@ -123,96 +64,6 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA eDOC
cves:
@ -244,7 +95,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology
product: ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
@ -252,11 +103,41 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
@ -393,6 +274,36 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DITC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: DoseLab
cves:
@ -573,6 +484,36 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ICAP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Identify
cves:
@ -694,7 +635,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: ICAP
product: Mobius3D platform
cves:
cve-2021-4104:
investigated: false
@ -724,7 +665,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: Mobius3D platform
product: PaaS
cves:
cve-2021-4104:
investigated: false
@ -933,36 +874,6 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: PaaS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: TrueBeam radiotherapy system
cves:
@ -1234,6 +1145,95 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Medical Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Varian
product: XMediusFax for ARIA oncology information system for Radiation Oncology
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: VArmour
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varnish Software
product: ''
cves:
@ -1262,7 +1262,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Varonis
product: ''
cves:
@ -1291,7 +1291,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veeam
product: ''
cves:
@ -1320,7 +1320,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Venafi
product: ''
cves:
@ -1349,7 +1349,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Veritas NetBackup
product: ''
cves:
@ -1378,7 +1378,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Vertica
product: ''
cves:
@ -1421,7 +1421,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: ''
affected_versions: []
@ -1466,7 +1466,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: VMware
product: API Portal for VMware Tanzu
cves:
@ -1678,6 +1678,71 @@ software:
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: VMware Carbon Black Cloud Workload Appliance
cves:
@ -2291,71 +2356,6 @@ software:
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: VMware
product: vCenter Server - OVA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.x
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: vCenter Server - Windows
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.7.x
- 6.5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.vmware.com/security/advisories/VMSA-2021-0028.html
notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096
)'
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: VMware
product: VMware vRealize Automation
cves:
@ -2614,7 +2614,7 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
- All
cve-2021-45046:
investigated: ''
affected_versions: []

View file

@ -62,7 +62,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wasp Barcode technologies
product: ''
cves:
@ -91,7 +91,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: Secplicity
cves:
@ -120,7 +120,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Western Digital
product: ''
cves:
@ -149,37 +149,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: WIBU Systems
product: CodeMeter Keyring for TIA Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 1.30 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
notes: Only the Password Manager is affected
references:
- ''
last_updated: '2021-12-22T00:00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WIBU Systems
product: CodeMeter Cloud Lite
cves:
@ -210,8 +180,8 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: WindRiver
product: ''
- vendor: WIBU Systems
product: CodeMeter Keyring for TIA Portal
cves:
cve-2021-4104:
investigated: false
@ -219,8 +189,9 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 1.30 and prior
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -233,12 +204,285 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
notes: Only the Password Manager is affected
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Wind River
product: LTS17
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS18
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS19
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS21
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wind River
product: WRL-6
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-7
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-8
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-9
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: WireShark
product: ''
cves:
@ -267,7 +511,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wistia
product: ''
cves:
@ -296,7 +540,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WitFoo
product: ''
cves:
@ -325,7 +569,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WordPress
product: ''
cves:
@ -354,7 +598,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Worksphere
product: ''
cves:
@ -383,7 +627,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wowza
product: ''
cves:
@ -412,7 +656,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WSO2
product: WSO2 Enterprise Integrator
cves:
@ -442,5 +686,5 @@ software:
notes: A temporary mitigation is available while vendor works on update
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: XenForo
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Xerox
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: XPertDoc
product: ''
cves:
@ -119,7 +119,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: XPLG
product: ''
cves:
@ -148,7 +148,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: XWIKI
product: ''
cves:
@ -177,7 +177,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Xylem
product: Aquatalk
cves:
@ -236,6 +236,35 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Configuration change complete
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus Analytics
cves:
@ -411,7 +440,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus RNI Saas
product: Sensus RNI On Prem
cves:
cve-2021-4104:
investigated: false
@ -443,7 +472,7 @@ software:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Sensus RNI On Prem
product: Sensus RNI Saas
cves:
cve-2021-4104:
investigated: false
@ -561,35 +590,6 @@ software:
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Configuration change complete
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Xylem
product: Xylem Cloud
cves:

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YellowFin
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: YOKOGAWA
product: ''
cves:
@ -119,5 +119,5 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
...

View file

@ -32,7 +32,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZAMMAD
product: ''
cves:
@ -61,7 +61,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zaproxy
product: ''
cves:
@ -90,7 +90,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zebra
product: ''
cves:
@ -119,7 +119,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zendesk
product: All Products
cves:
@ -180,7 +180,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zentera Systems, Inc.
product: CoIP Access Platform
cves:
@ -239,7 +239,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zesty
product: ''
cves:
@ -268,7 +268,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zimbra
product: ''
cves:
@ -297,7 +297,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zix
product: ''
cves:
@ -355,7 +355,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ZPE systems Inc
product: ''
cves:
@ -384,7 +384,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zscaler
product: See Link (Multiple Products)
cves:
@ -442,7 +442,7 @@ software:
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Zyxel
product: Security Firewall/Gateways
cves: