From 5259523cde6123c2213bcde601fd33a05cae4797 Mon Sep 17 00:00:00 2001 From: inl-ics <96266975+inl-ics@users.noreply.github.com> Date: Fri, 21 Jan 2022 09:37:30 -0700 Subject: [PATCH 01/10] Update cisagov_W.yml Updated Wind River product information. --- data/cisagov_W.yml | 257 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 246 insertions(+), 11 deletions(-) diff --git a/data/cisagov_W.yml b/data/cisagov_W.yml index f8b1dae..158e9ee 100644 --- a/data/cisagov_W.yml +++ b/data/cisagov_W.yml @@ -210,35 +210,270 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: WindRiver - product: '' + - vendor: Wind River + product: WRL-6 cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - 'All' cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - 'All' cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - 'All' cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - 'All' + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-7 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-8 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-9 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: LTS17 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: LTS18 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: LTS19 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: LTS21 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 'All' + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' - vendor: WireShark product: '' cves: From f48ac38c9b7be6ab1ae908a6d1aebe61e09ff7de Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 24 Jan 2022 14:10:28 -0500 Subject: [PATCH 02/10] Update cisagov/log4j-md-yml from v1.1.0 to v1.1.1 --- config/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/requirements.txt b/config/requirements.txt index e5b41a2..76c9f9b 100644 --- a/config/requirements.txt +++ b/config/requirements.txt @@ -1 +1 @@ -https://github.com/cisagov/log4j-md-yml/archive/v1.1.0.tar.gz +https://github.com/cisagov/log4j-md-yml/archive/v1.1.1.tar.gz From 7f11fc634bdda9eb70a9cf8ee78bff07a577330e Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 24 Jan 2022 15:05:11 -0500 Subject: [PATCH 03/10] Normalize individual cisagov_*.yml files Add functionality to the update_software_list workflow to normalize the component files for every push. This will ensure that they are kept in a manner consistent with how the primary cisagov.yml file stores data. --- .github/workflows/update_software_list.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update_software_list.yml b/.github/workflows/update_software_list.yml index 6350ccc..77b125e 100644 --- a/.github/workflows/update_software_list.yml +++ b/.github/workflows/update_software_list.yml @@ -68,6 +68,12 @@ jobs: run: pip install --upgrade --requirement config/requirements.txt - name: Create the branch for test validation run: git switch --create ${{ needs.setup.outputs.testing_branch }} + - name: Normalize individual cisagov_*.yml files + run: | + for file in data/cisagov_*yml; do \ + normalize-yml --cisagov-format "$file" > "$file".tmp; \ + mv --force "$file".tmp "$file"; \ + done - name: Update the comprehensive cisagov YAML file run: normalize-yml --cisagov-format data/cisagov_*.yml > data/cisagov.yml - name: Generate a normalized YAML file from all source YAML files @@ -84,7 +90,7 @@ jobs: commit_user_name: ${{ needs.setup.outputs.git_user }} commit_user_email: ${{ needs.setup.outputs.git_email }} commit_author: ${{ needs.setup.outputs.git_author }} - file_pattern: SOFTWARE-LIST.md data/cisagov.yml + file_pattern: SOFTWARE-LIST.md data/cisagov*.yml merge_list_update: runs-on: ubuntu-latest needs: From 1ac6221a21d12ad67274159e5ceb394b156a7e48 Mon Sep 17 00:00:00 2001 From: cisagovbot <65734717+cisagovbot@users.noreply.github.com> Date: Mon, 24 Jan 2022 22:27:28 +0000 Subject: [PATCH 04/10] Update the software list --- SOFTWARE-LIST.md | 30 +- data/cisagov.yml | 788 ++++----- data/cisagov_A.yml | 1132 ++++++------- data/cisagov_B.yml | 302 ++-- data/cisagov_C.yml | 794 ++++----- data/cisagov_D.yml | 3856 ++++++++++++++++++++--------------------- data/cisagov_E.yml | 3648 +++++++++++++++++++-------------------- data/cisagov_F.yml | 244 +-- data/cisagov_G.yml | 629 +++---- data/cisagov_H.yml | 1436 ++++++++-------- data/cisagov_I.yml | 1394 +++++++-------- data/cisagov_J.yml | 1700 +++++++++---------- data/cisagov_L.yml | 174 +- data/cisagov_M.yml | 448 ++--- data/cisagov_N.yml | 72 +- data/cisagov_O.yml | 132 +- data/cisagov_Q.yml | 70 +- data/cisagov_S.yml | 4046 ++++++++++++++++++++++---------------------- data/cisagov_T.yml | 1503 ++++++++-------- data/cisagov_U.yml | 60 +- data/cisagov_V.yml | 502 +++--- data/cisagov_W.yml | 60 +- data/cisagov_X.yml | 62 +- 23 files changed, 11546 insertions(+), 11536 deletions(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 0c198bc..6a90bbf 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -231,10 +231,10 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | @@ -949,8 +949,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Elastic | Kibana | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Elastic | Logstash | <6.8.21, <7.16.1 | | Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Elastic | Machine Learning | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | -| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Elastic | Swiftype | | | Unknown | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| ElasticSearch | all products | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Ellucian | Admin | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | Ellucian | Banner Analytics | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | Ellucian | Banner Document Management (includes Banner Document Retention) | | | Unknown | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | @@ -1180,6 +1180,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | GoAnywhere | MFT | < 6.8.6 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 | | GoAnywhere | MFT Agents | < 1.6.5 | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 | | GoCD | | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 | | Google Cloud | Access Transparency | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Google Cloud | Actifio | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Google Cloud | AI Platform Data Labeling | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | @@ -1309,14 +1310,12 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Google Cloud | Virtual Private Cloud | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | Google Cloud | Web Security Scanner | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Google Cloud | Workflows | | | Unknown | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | -| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 | | Gradle | Gradle | | | Unknown | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gradle | Gradle Enterprise | < 2021.3.6 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gradle | Gradle Enterprise Build Cache Node | < 10.1 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gradle | Gradle Enterprise Test Distribution Agent | < 1.6.2 | | Affected | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Grafana | | | | Unknown | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Grandstream | | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | @@ -1324,6 +1323,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Gravitee.io | | | | Unknown | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Gravwell | | | | Unknown | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | | Affected | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | GreenShot | | | | Unknown | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | @@ -1396,7 +1396,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to | HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | @@ -1526,11 +1530,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | -| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | -| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | -| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | -| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | -| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | @@ -2019,6 +2019,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 | | MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 | +| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | @@ -2032,8 +2034,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to | ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 | -| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 | | MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 | @@ -2319,6 +2319,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 | | Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | | Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | | Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | | Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | @@ -2356,8 +2358,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | -| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | -| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | | Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | @@ -2458,8 +2458,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 | | Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 | | Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | diff --git a/data/cisagov.yml b/data/cisagov.yml index 7633387..972d02e 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -6307,35 +6307,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: BeyondTrust Bomgar - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542 - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - vendor: BeyondTrust product: Privilege Management Cloud cves: @@ -6426,6 +6397,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: BeyondTrust Bomgar + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: BioMerieux product: '' cves: @@ -27524,34 +27524,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: ElasticSearch - product: all products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:52+00:00' - vendor: Elastic product: Swiftype cves: @@ -27581,6 +27553,34 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: ElasticSearch + product: all products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:52+00:00' - vendor: Ellucian product: Admin cves: @@ -34284,6 +34284,36 @@ software: references: - '' last_updated: '2022-01-12T07:18:52+00:00' + - vendor: Google + product: Chrome + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html + notes: Chrome Browser releases, infrastructure and admin console are not using + versions of Log4j affected by the vulnerability. + references: + - '' + last_updated: '2022-01-14' - vendor: Google Cloud product: Access Transparency cves: @@ -38229,36 +38259,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Google - product: Chrome - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html - notes: Chrome Browser releases, infrastructure and admin console are not using - versions of Log4j affected by the vulnerability. - references: - - '' - last_updated: '2022-01-14' - vendor: Gradle product: Gradle cves: @@ -38436,35 +38436,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:53+00:00' - - vendor: Gravitee.io - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:53+00:00' - vendor: Gravitee product: Access Management cves: @@ -38675,6 +38646,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:53+00:00' + - vendor: Gravitee.io + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:53+00:00' - vendor: Gravwell product: '' cves: @@ -40824,8 +40824,8 @@ software: references: - '' last_updated: '2022-01-12T07:18:53+00:00' - - vendor: HPE/Micro Focus - product: Data Protector + - vendor: HP + product: Teradici Cloud Access Controller cves: cve-2021-4104: investigated: false @@ -40836,7 +40836,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '9.09' + - < v113 unaffected_versions: [] cve-2021-45046: investigated: false @@ -40849,10 +40849,130 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://portal.microfocus.com/s/article/KM000003243 + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 notes: '' references: - - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: HP + product: Teradici EMSDK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 1.0.6 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: HP + product: Teradici Management Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 21.10.3 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: HP + product: Teradici PCoIP Connection Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 21.03.6 + - < 20.07.4 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: HP + product: Teradici PCoIP License Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + notes: '' + references: + - '' last_updated: '2021-12-17T00:00:00' - vendor: HPE product: 3PAR StoreServ Arrays @@ -44597,8 +44717,8 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' - - vendor: HP - product: Teradici Cloud Access Controller + - vendor: HPE/Micro Focus + product: Data Protector cves: cve-2021-4104: investigated: false @@ -44609,7 +44729,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - < v113 + - '9.09' unaffected_versions: [] cve-2021-45046: investigated: false @@ -44622,130 +44742,10 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.hp.com/us-en/document/ish_5268006-5268030-16 + - https://portal.microfocus.com/s/article/KM000003243 notes: '' references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: HP - product: Teradici EMSDK - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - < 1.0.6 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.hp.com/us-en/document/ish_5268006-5268030-16 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: HP - product: Teradici Management Console - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - < 21.10.3 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.hp.com/us-en/document/ish_5268006-5268030-16 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: HP - product: Teradici PCoIP Connection Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - < 21.03.6 - - < 20.07.4 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.hp.com/us-en/document/ish_5268006-5268030-16 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: HP - product: Teradici PCoIP License Server - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.hp.com/us-en/document/ish_5268006-5268030-16 - notes: '' - references: - - '' + - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' last_updated: '2021-12-17T00:00:00' - vendor: Huawei product: '' @@ -59063,6 +59063,65 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: ManageEngine + product: AD SelfService Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Build 6.1 build 6114 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-27T00:00:00' + - vendor: ManageEngine + product: Servicedesk Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 11305 and below + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.manageengine.com/products/service-desk/security-response-plan.html + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: ManageEngine Zoho product: '' cves: @@ -59440,65 +59499,6 @@ software: references: - '' last_updated: '2021-12-16T00:00:00' - - vendor: ManageEngine - product: AD SelfService Plus - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - Build 6.1 build 6114 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2021-12-27T00:00:00' - - vendor: ManageEngine - product: Servicedesk Plus - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 11305 and below - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.manageengine.com/products/service-desk/security-response-plan.html - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - vendor: MariaDB product: '' cves: @@ -67919,6 +67919,66 @@ software: references: - '' last_updated: '2022-01-12T07:18:55+00:00' + - vendor: Siemens + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + last_updated: '2021-12-19T00:00:00' - vendor: Siemens Energy product: Affected Products cves: @@ -69037,66 +69097,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Siemens - product: Affected Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf - notes: 'Siemens requests: See pdf for the complete list of affected products, - CSAF for automated parsing of data' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens - product: Affected Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf - notes: 'Siemens requests: See pdf for the complete list of affected products, - CSAF for automated parsing of data' - references: - - '' - last_updated: '2021-12-19T00:00:00' - vendor: Sierra Wireless product: '' cves: @@ -72077,35 +72077,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Spring Boot - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:55+00:00' - vendor: Spring product: Spring Boot cves: @@ -72136,6 +72107,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:55+00:00' + - vendor: Spring Boot + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:55+00:00' - vendor: StarDog product: '' cves: diff --git a/data/cisagov_A.yml b/data/cisagov_A.yml index 03f5dd2..f569214 100644 --- a/data/cisagov_A.yml +++ b/data/cisagov_A.yml @@ -475,244 +475,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: AFAS Software - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://help.afas.nl/vraagantwoord/NL/SE/120439.htm - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: AFHCAN Global LLC - product: AFHCANsuite - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 8.0.7 - 8.4.3 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://afhcan.org/support.aspx - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: AFHCAN Global LLC - product: AFHCANServer - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 8.0.7 - 8.4.3 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://afhcan.org/support.aspx - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: AFHCAN Global LLC - product: AFHCANcart - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 8.0.7 - 8.4.3 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://afhcan.org/support.aspx - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: AFHCAN Global LLC - product: AFHCANweb - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 8.0.7 - 8.4.3 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://afhcan.org/support.aspx - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: AFHCAN Global LLC - product: AFHCANmobile - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 8.0.7 - 8.4.3 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://afhcan.org/support.aspx - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: AFHCAN Global LLC - product: AFHCANupdate - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 8.0.7 - 8.4.3 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://afhcan.org/support.aspx - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Agilysys - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - vendor: Advanced Systems Concepts (formally Jscape) product: Active MFT cves: @@ -744,7 +506,7 @@ software: - '' last_updated: '2021-12-14T00:00:00' - vendor: Advanced Systems Concepts (formally Jscape) - product: MFT Server + product: MFT cves: cve-2021-4104: investigated: false @@ -804,7 +566,7 @@ software: - '' last_updated: '2021-12-14T00:00:00' - vendor: Advanced Systems Concepts (formally Jscape) - product: MFT + product: MFT Server cves: cve-2021-4104: investigated: false @@ -833,6 +595,244 @@ software: references: - '' last_updated: '2021-12-14T00:00:00' + - vendor: AFAS Software + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.afas.nl/vraagantwoord/NL/SE/120439.htm + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANcart + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANmobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANServer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANsuite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANupdate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: AFHCAN Global LLC + product: AFHCANweb + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 8.0.7 - 8.4.3 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://afhcan.org/support.aspx + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Agilysys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Akamai product: SIEM Splunk Connector cves: @@ -1191,36 +1191,6 @@ software: references: - '' last_updated: '2021-12-23T00:00:00' - - vendor: Amazon - product: AWS Lambda - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Unknown - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - vendor: Amazon product: AWS DynamoDB cves: @@ -1251,6 +1221,42 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Amazon + product: AWS EKS, ECS, Fargate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: To help mitigate the impact of the open-source Apache “Log4j2" utility + (CVE-2021-44228 and CVE-2021-45046) security issues on customers’ containers, + Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). + This hot-patch will require customer opt-in to use, and disables JNDI lookups + from the Log4J2 library in customers’ containers. These updates are available + as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes + users on AWS, and will be in supported AWS Fargate platform versions + references: + - '' + last_updated: '2021-12-16T00:00:00' - vendor: Amazon product: AWS ElastiCache cves: @@ -1281,6 +1287,36 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Amazon + product: AWS ELB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' - vendor: Amazon product: AWS Inspector cves: @@ -1311,6 +1347,100 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Amazon + product: AWS Kinesis Data Stream + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ + notes: We are actively patching all sub-systems that use Log4j2 by applying updates. + The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library + (KPL) are not impacted. For customers using KCL 1.x, we have released an updated + version and we strongly recommend that all KCL version 1.x customers upgrade + to KCL version 1.14.5 (or higher) + references: + - '' + last_updated: '2021-12-14T00:00:00' + - vendor: Amazon + product: AWS Lambda + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Amazon + product: AWS Lambda + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Unknown + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Amazon product: AWS RDS cves: @@ -1434,136 +1564,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: Amazon - product: AWS EKS, ECS, Fargate - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Unknown - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ - notes: To help mitigate the impact of the open-source Apache “Log4j2" utility - (CVE-2021-44228 and CVE-2021-45046) security issues on customers’ containers, - Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). - This hot-patch will require customer opt-in to use, and disables JNDI lookups - from the Log4J2 library in customers’ containers. These updates are available - as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes - users on AWS, and will be in supported AWS Fargate platform versions - references: - - '' - last_updated: '2021-12-16T00:00:00' - - vendor: Amazon - product: AWS ELB - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - Unknown - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ - notes: '' - references: - - '' - last_updated: '2021-12-16T00:00:00' - - vendor: Amazon - product: AWS Kinesis Data Stream - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Unknown - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ - notes: We are actively patching all sub-systems that use Log4j2 by applying updates. - The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library - (KPL) are not impacted. For customers using KCL 1.x, we have released an updated - version and we strongly recommend that all KCL version 1.x customers upgrade - to KCL version 1.14.5 (or higher) - references: - - '' - last_updated: '2021-12-14T00:00:00' - - vendor: Amazon - product: AWS Lambda - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Unknown - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:50+00:00' - vendor: Amazon product: CloudFront cves: @@ -2045,7 +2045,7 @@ software: - '' last_updated: '2021-12-13T00:00:00' - vendor: Apache - product: Camel Quarkus + product: Camel 2 cves: cve-2021-4104: investigated: false @@ -2073,6 +2073,36 @@ software: references: - '' last_updated: '2021-12-13T00:00:00' + - vendor: Apache + product: Camel JBang + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <=3.1.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://camel.apache.org/blog/2021/12/log4j2/ + notes: '' + references: + - '' + last_updated: '2021-12-13T00:00:00' - vendor: Apache product: Camel K cves: @@ -2102,35 +2132,6 @@ software: references: - '' last_updated: '2021-12-13T00:00:00' - - vendor: Apache - product: CamelKafka Connector - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://camel.apache.org/blog/2021/12/log4j2/ - notes: '' - references: - - '' - last_updated: '2021-12-13T00:00:00' - vendor: Apache product: Camel Karaf cves: @@ -2162,7 +2163,7 @@ software: - '' last_updated: '2021-12-13T00:00:00' - vendor: Apache - product: Camel JBang + product: Camel Quarkus cves: cve-2021-4104: investigated: false @@ -2170,9 +2171,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - <=3.1.4 + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -2192,7 +2192,7 @@ software: - '' last_updated: '2021-12-13T00:00:00' - vendor: Apache - product: Camel 2 + product: CamelKafka Connector cves: cve-2021-4104: investigated: false @@ -2480,6 +2480,73 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: APC by Schneider Electric + product: Powerchute Business Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - v9.5 + - v10.0.1 + - v10.0.2 + - v10.0.3 + - v10.0.4 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345 + notes: Mitigation instructions to remove the affected class. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: APC by Schneider Electric + product: Powerchute Network Shutdown + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '4.2' + - '4.3' + - '4.4' + - 4.4.1 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345 + notes: Mitigation instructions to remove the affected class. + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Apereo product: CAS cves: @@ -2541,35 +2608,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Application Performance Ltd - product: DBMarlin - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: - - Not Affected - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - vendor: Apigee product: '' cves: @@ -2745,6 +2783,35 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Application Performance Ltd + product: DBMarlin + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - Not Affected + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Application Performance Ltd product: DBMarlin cves: @@ -2833,73 +2900,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: APC by Schneider Electric - product: Powerchute Business Edition - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - v9.5 - - v10.0.1 - - v10.0.2 - - v10.0.3 - - v10.0.4 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345 - notes: Mitigation instructions to remove the affected class. - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: APC by Schneider Electric - product: Powerchute Network Shutdown - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - '4.2' - - '4.3' - - '4.4' - - 4.4.1 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345 - notes: Mitigation instructions to remove the affected class. - references: - - '' - last_updated: '2021-12-15T00:00:00' - vendor: Aqua Security product: '' cves: @@ -3718,7 +3718,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -3731,7 +3731,9 @@ software: unaffected_versions: [] vendor_links: - https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen - notes: The security vulnerability does NOT affect our applications and products or pose any threat. This applies to all Bachmann applications and products, including atvise solutions. + notes: The security vulnerability does NOT affect our applications and products + or pose any threat. This applies to all Bachmann applications and products, + including atvise solutions. references: - '' last_updated: '2022-01-17T00:00:00' @@ -4081,6 +4083,38 @@ software: references: - '' last_updated: '2021-12-14T00:00:00' + - vendor: Avaya + product: Avaya Aura® Device Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.0.1 + - 8.0.2 + - 8.1.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 + notes: '' + references: + - '' + last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Media Server cves: @@ -4816,38 +4850,6 @@ software: references: - '' last_updated: '2021-12-14T00:00:00' - - vendor: Avaya - product: Avaya Aura® Device Services - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 8.0.1 - - 8.0.2 - - 8.1.3 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 - notes: '' - references: - - '' - last_updated: '2021-12-14T00:00:00' - vendor: AVEPOINT product: '' cves: diff --git a/data/cisagov_B.yml b/data/cisagov_B.yml index 5a00349..96dd688 100644 --- a/data/cisagov_B.yml +++ b/data/cisagov_B.yml @@ -33,35 +33,6 @@ software: references: - '' last_updated: '2021-12-16T00:00:00' - - vendor: Baxter - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: BackBox product: '' cves: @@ -207,8 +178,8 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: BBraun - product: Outlook® Safety Infusion System Pump family + - vendor: Baxter + product: '' cves: cve-2021-4104: investigated: false @@ -231,43 +202,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + - https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf notes: '' references: - '' last_updated: '2021-12-20T00:00:00' - vendor: BBraun - product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® - Space® Infusion - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: BBraun - product: Pump, SpaceStation, and Space® Wireless Battery) + product: APEX® Compounder cves: cve-2021-4104: investigated: false @@ -324,6 +265,35 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' + - vendor: BBraun + product: Outlook® Safety Infusion System Pump family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: BBraun product: Pinnacle® Compounder cves: @@ -354,7 +324,37 @@ software: - '' last_updated: '2021-12-20T00:00:00' - vendor: BBraun - product: APEX® Compounder + product: Pump, SpaceStation, and Space® Wireless Battery) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: BBraun + product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® + Space® Infusion cves: cve-2021-4104: investigated: false @@ -614,6 +614,35 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' + - vendor: BD + product: BD Knowledge Portal for BD Pyxis™ Supply + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD Knowledge Portal for Infusion Technologies cves: @@ -672,35 +701,6 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' - - vendor: BD - product: BD Knowledge Portal for BD Pyxis™ Supply - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD Synapsys™ Informatics Solution cves: @@ -1049,35 +1049,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: BioMerieux - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.biomerieux.com/en/cybersecurity-data-privacy - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Bender product: '' cves: @@ -1256,6 +1227,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' + - vendor: BioMerieux + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.biomerieux.com/en/cybersecurity-data-privacy + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: BisectHosting product: '' cves: @@ -2590,35 +2590,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' - - vendor: Boston Scientific - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: Bosch product: '' cves: @@ -2648,6 +2619,35 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Boston Scientific + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Box product: '' cves: diff --git a/data/cisagov_C.yml b/data/cisagov_C.yml index 648dacb..60b11b6 100644 --- a/data/cisagov_C.yml +++ b/data/cisagov_C.yml @@ -120,6 +120,35 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: Alphenix (Angio Workstation) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: Canon product: CT Medical Imaging Products cves: @@ -149,151 +178,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Canon - product: MR Medical Imaging Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Canon - product: UL Medical Imaging Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Canon - product: XR Medical Imaging Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Canon - product: NM Medical Imaging Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Canon - product: Vitrea Advanced 7.x - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Canon product: Infinix-i (Angio Workstation) cves: @@ -324,7 +208,123 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: Canon - product: Alphenix (Angio Workstation) + product: MR Medical Imaging Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: NM Medical Imaging Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: UL Medical Imaging Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: Vitrea Advanced 7.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Canon + product: XR Medical Imaging Products cves: cve-2021-4104: investigated: false @@ -996,93 +996,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:51+00:00' - - vendor: Cisco - product: Cisco Common Services Platform Collector - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:51+00:00' - - vendor: Cisco - product: Cisco Network Services Orchestrator (NSO) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:51+00:00' - - vendor: Cisco - product: Cisco System Architecture Evolution Gateway (SAEGW) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco product: Cisco ACI Multi-Site Orchestrator cves: @@ -1489,6 +1402,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:51+00:00' + - vendor: Cisco + product: Cisco Common Services Platform Collector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco product: Cisco Computer Telephony Integration Object Server (CTIOS) cves: @@ -1866,34 +1808,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:51+00:00' - - vendor: Cisco - product: DUO network gateway (on-prem/self-hosted) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco product: Cisco Elastic Services Controller (ESC) cves: @@ -2736,6 +2650,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:51+00:00' + - vendor: Cisco + product: Cisco Network Services Orchestrator (NSO) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco product: Cisco Nexus 5500 Platform Switches cves: @@ -3028,7 +2971,7 @@ software: - '' last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco - product: Cisco Paging Server (InformaCast) + product: Cisco Paging Server cves: cve-2021-4104: investigated: false @@ -3057,7 +3000,7 @@ software: - '' last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco - product: Cisco Paging Server + product: Cisco Paging Server (InformaCast) cves: cve-2021-4104: investigated: false @@ -3665,6 +3608,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:51+00:00' + - vendor: Cisco + product: Cisco System Architecture Evolution Gateway (SAEGW) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco product: Cisco TelePresence Management Suite cves: @@ -3956,7 +3928,7 @@ software: - '' last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco - product: Cisco Unified Contact Center Enterprise - Live Data server + product: Cisco Unified Contact Center Enterprise cves: cve-2021-4104: investigated: false @@ -3985,7 +3957,7 @@ software: - '' last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco - product: Cisco Unified Contact Center Enterprise + product: Cisco Unified Contact Center Enterprise - Live Data server cves: cve-2021-4104: investigated: false @@ -4419,6 +4391,34 @@ software: references: - '' last_updated: '2022-01-12T07:18:51+00:00' + - vendor: Cisco + product: DUO network gateway (on-prem/self-hosted) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cisco product: duo network gateway (on-prem/self-hosted) cves: @@ -4810,39 +4810,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Citrix - product: ShareFile Storage Zones Controller - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.citrix.com/article/CTX335705 - notes: Citrix continues to investigate any potential impact on Citrix-managed - cloud services. If, as the investigation continues, any Citrix-managed services - are found to be affected by this issue, Citrix will take immediate action to - remediate the problem. Customers using Citrix-managed cloud services do not - need to take any action. - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) cves: @@ -4913,6 +4880,39 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Citrix + product: ShareFile Storage Zones Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.citrix.com/article/CTX335705 + notes: Citrix continues to investigate any potential impact on Citrix-managed + cloud services. If, as the investigation continues, any Citrix-managed services + are found to be affected by this issue, Citrix will take immediate action to + remediate the problem. Customers using Citrix-managed cloud services do not + need to take any action. + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Claris product: '' cves: @@ -6163,7 +6163,7 @@ software: - '' last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cloudera - product: Workload XM (SaaS) + product: Workload XM cves: cve-2021-4104: investigated: false @@ -6171,8 +6171,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -6192,7 +6193,7 @@ software: - '' last_updated: '2022-01-12T07:18:51+00:00' - vendor: Cloudera - product: Workload XM + product: Workload XM (SaaS) cves: cve-2021-4104: investigated: false @@ -6200,9 +6201,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - All versions + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -6663,7 +6663,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Confluent - product: Confluent Platform + product: Confluent ElasticSearch Sink Connector cves: cve-2021-4104: investigated: false @@ -6673,7 +6673,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - <7.0.1 + - <11.1.7 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -6722,66 +6722,6 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' - - vendor: Confluent - product: Confluent Kafka Connectors - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Confluent - product: Confluent ElasticSearch Sink Connector - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - <11.1.7 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent Google DataProc Sink Connector cves: @@ -6812,36 +6752,6 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' - - vendor: Confluent - product: Confluent Splunk Sink Connector - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - <2.05 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent HDFS 2 Sink Connector cves: @@ -6902,6 +6812,96 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent Kafka Connectors + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <7.0.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Confluent + product: Confluent Splunk Sink Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <2.05 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent VMWare Tanzu GemFire Sink Connector cves: diff --git a/data/cisagov_D.yml b/data/cisagov_D.yml index 1fefa45..1a63d55 100644 --- a/data/cisagov_D.yml +++ b/data/cisagov_D.yml @@ -34,7 +34,7 @@ software: - '' last_updated: '2022-01-06T00:00:00' - vendor: Daktronics - product: Data Vision Software (DVS) + product: Dakronics Media Player cves: cve-2021-4104: investigated: false @@ -42,10 +42,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - DMP (any series) cve-2021-45046: investigated: false affected_versions: [] @@ -58,8 +59,7 @@ software: unaffected_versions: [] vendor_links: - https://www.daktronics.com/en-us/support/kb/000025337 - notes: DVS has one microservice that uses Log4j, but it uses a version that is - not impacted. + notes: '' references: - '' last_updated: '2022-01-06T00:00:00' @@ -95,7 +95,7 @@ software: - '' last_updated: '2022-01-06T00:00:00' - vendor: Daktronics - product: Dakronics Media Player + product: Data Vision Software (DVS) cves: cve-2021-4104: investigated: false @@ -103,11 +103,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - DMP (any series) + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -120,7 +119,8 @@ software: unaffected_versions: [] vendor_links: - https://www.daktronics.com/en-us/support/kb/000025337 - notes: '' + notes: DVS has one microservice that uses Log4j, but it uses a version that is + not impacted. references: - '' last_updated: '2022-01-06T00:00:00' @@ -881,6 +881,66 @@ software: references: - '' last_updated: '2022-01-12T07:18:51+00:00' + - vendor: Dell + product: '"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: '"Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC"' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Alienware Command Center cves: @@ -1001,6 +1061,65 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: APEX Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patched + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: APEX Data Storage Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patch in progress + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Atmos cves: @@ -1241,6 +1360,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Cloud IQ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Cloud environment patched + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Cloud Mobility for Dell EMC Storage cves: @@ -1331,6 +1479,65 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Connectrix (Cisco MDS DCNM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/23/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Connectrix B-Series SANnav + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.1.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 3/31/2022 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Connextrix B Series cves: @@ -1421,6 +1628,36 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Data Domain OS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-274 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell BSAFE Crypto-C Micro Edition cves: @@ -2231,6 +2468,95 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Avamar + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"18.2 19.1 19.2 19.3 19.4"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/20/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC BSN Controller Node + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-305 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Cloud Disaster Recovery + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - N/A + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Cloudboost cves: @@ -2381,6 +2707,65 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Data Protection Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021- 269 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Data Protection Search + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions before 19.5.0.7 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-279 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC DataIQ cves: @@ -2441,6 +2826,65 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC ECS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/18/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Enterprise Storage Analytics for vRealize Operations + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"<6.0.0 6.1.0 6.2.x"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-278 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC GeoDrive cves: @@ -2471,6 +2915,70 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Integrated System for Azure Stack HCI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - N/A + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '"Dell EMC Integrated System for Azure Stack HCI is not impacted by this + advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect + Gateway (SCG) were optionally installed with Dell EMC Integrated System for + Azure Stack HCI monitor the following advisories. Apply workaround guidance + and remediations as they become [available:](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Integrated System for Microsoft Azure Stack Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - N/A + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Isilon InsightIQ cves: @@ -2531,6 +3039,96 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Metro Node + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.0.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-308 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC NetWorker Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"19.5.x 19.4.x 19.3.x"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/20/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC NetWorker Virtual Edition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"19.5.x 19.4.x 19.3.x"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/20/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Networking Onie cves: @@ -2561,6 +3159,36 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Networking Virtual Edge Platform with VersaOS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"with Versa Concerto with Versa Analytics with Versa Concero Director"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-304 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC OpenManage Ansible Modules cves: @@ -2713,7 +3341,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: '"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"' + product: Dell EMC PowerFlex Appliance cves: cve-2021-4104: investigated: false @@ -2722,10 +3350,11 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - '"All versions up to Intelligent Catalog 38_356_00_r10.zip All versions + up to Intelligent Catalog 38_362_00_r7.zip"' fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -2738,7 +3367,67 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerFlex Rack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - N/A + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerFlex Software (SDS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending references: - '' last_updated: '2021-12-15T00:00:00' @@ -2832,6 +3521,66 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerProtect Data Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All versions 19.9 and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerProtect DP Series Appliance (iDPA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.7.0 and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerScale OneFS cves: @@ -2953,7 +3702,36 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: '"Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC"' + product: Dell EMC PowerStore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/23/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC PowerVault MD3 Series Storage Arrays cves: cve-2021-4104: investigated: false @@ -3013,7 +3791,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: Dell EMC PowerVault MD3 Series Storage Arrays + product: Dell EMC RecoverPoint Classic cves: cve-2021-4104: investigated: false @@ -3022,10 +3800,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - All 5.1.x and later versions fixed_versions: [] - unaffected_versions: - - N/A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -3038,7 +3816,37 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC RecoverPoint for Virtual Machine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All 5.0.x and later versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending references: - '' last_updated: '2021-12-15T00:00:00' @@ -3072,6 +3880,93 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Ruckus SmartZone 100 Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-303 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Ruckus SmartZone 300 Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-303 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Ruckus Virtual Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-303 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC SourceOne cves: @@ -3102,6 +3997,65 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC SRM vApp + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Versions before 4.6.0.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 1/25/2022 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Streaming Data Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/18/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Systems Update (DSU) cves: @@ -3162,6 +4116,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC Unity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/29/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Virtual Storage Integrator cves: @@ -3222,6 +4205,36 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell EMC VxRail + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"4.5.x 4.7.x 7.0.x"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC XtremIO cves: @@ -3642,6 +4655,36 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Dell Open Management Enterprise - Modular + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <1.40.10 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-268 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell OpenManage Change Management cves: @@ -4302,6 +5345,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: DellEMC OpenManage Enterprise Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/20/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dream Catcher cves: @@ -4452,6 +5524,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Enterprise Hybrid Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '[link](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Equallogic PS cves: @@ -5202,6 +6303,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: OpenManage Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OpenManage Integration for Microsoft System Center for System Center Operations Manager @@ -5713,6 +6843,66 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Secure Connect Gateway (SCG) Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-282 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Secure Connect Gateway (SCG) Policy Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"5.00.00.10 5.00.05.10"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: See DSA-2021-281 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Server Storage cves: @@ -5953,6 +7143,36 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SRS Policy Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '7' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SRS VE cves: @@ -5983,6 +7203,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Storage Center - Dell Storage Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Storage Center OS and additional SC applications unless otherwise noted cves: @@ -6073,6 +7322,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: SupportAssist Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/23/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: UCC Edge cves: @@ -6103,6 +7381,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Unisphere Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 1/10/2022 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Unisphere for PowerMax cves: @@ -6253,6 +7560,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Vblock + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch pending See vce6771 (requires customer login) + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: ViPR Controller cves: @@ -6283,6 +7619,66 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VMware vRealize Automation 8.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"8.2 8.3 8.4 8.5 and 8.6"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VMware vRealize Orchestrator 8.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"8.2 8.3 8.4 8.5 and 8.6"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VNX1 cves: @@ -6343,1492 +7739,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: VPLEX VS2/VS6 / VPLEX Witness - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Vsan Ready Nodes - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Warnado MLK (firmware) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Wyse Proprietary OS (ThinOS) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Wyse Windows Embedded Suite - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: APEX Console - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - N/A - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Cloud environment patched - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: APEX Data Storage Services - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Cloud environment patch in progress - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Cloud IQ - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Cloud environment patched - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Connectrix (Cisco MDS DCNM) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/23/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Connectrix B-Series SANnav - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 2.1.1 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 3/31/2022 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Data Domain OS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Versions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-274 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Avamar - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"18.2 19.1 19.2 19.3 19.4"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/20/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC BSN Controller Node - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-305 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Cloud Disaster Recovery - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - N/A - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Data Protection Central - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021- 269 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Data Protection Search - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Versions before 19.5.0.7 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-279 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC ECS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/18/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Enterprise Hybrid Cloud - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '[link](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Enterprise Storage Analytics for vRealize Operations - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"<6.0.0 6.1.0 6.2.x"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-278 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Integrated System for Azure Stack HCI - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - N/A - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '"Dell EMC Integrated System for Azure Stack HCI is not impacted by this - advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect - Gateway (SCG) were optionally installed with Dell EMC Integrated System for - Azure Stack HCI monitor the following advisories. Apply workaround guidance - and remediations as they become [available:](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Integrated System for Microsoft Azure Stack Hub - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - N/A - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC NetWorker Virtual Edition - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"19.5.x 19.4.x 19.3.x"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/20/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC NetWorker Server - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"19.5.x 19.4.x 19.3.x"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/20/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Networking Virtual Edge Platform with VersaOS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"with Versa Concerto with Versa Analytics with Versa Concero Director"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-304 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC PowerFlex Appliance - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"All versions up to Intelligent Catalog 38_356_00_r10.zip All versions - up to Intelligent Catalog 38_362_00_r7.zip"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC PowerFlex Software (SDS) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC PowerFlex Rack - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - N/A - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC PowerProtect Data Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - All versions 19.9 and earlier - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC PowerProtect DP Series Appliance (iDPA) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 2.7.0 and earlier - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC PowerStore - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/23/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC RecoverPoint for Virtual Machine - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - All 5.0.x and later versions - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC RecoverPoint Classic - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - All 5.1.x and later versions - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC SRM vApp - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Versions before 4.6.0.2 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 1/25/2022 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Streaming Data Platform - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/18/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Unity - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/29/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Metro Node - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 7.0.x - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-308 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC VxRail - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"4.5.x 4.7.x 7.0.x"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell Open Management Enterprise - Modular - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - <1.40.10 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-268 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: DellEMC OpenManage Enterprise Services - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/20/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: OpenManage Enterprise - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Ruckus SmartZone 300 Controller - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-303 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Ruckus SmartZone 100 Controller - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-303 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Dell EMC Ruckus Virtual Software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-303 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Secure Connect Gateway (SCG) Appliance - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-282 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Secure Connect Gateway (SCG) Policy Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"5.00.00.10 5.00.05.10"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: See DSA-2021-281 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: SRS Policy Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '7' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Storage Center - Dell Storage Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: SupportAssist Enterprise - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/23/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Unisphere Central - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 1/10/2022 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: Vblock - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch pending See vce6771 (requires customer login) - references: - - '' - last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VNXe 1600 cves: @@ -7890,7 +7800,37 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: VxBlock + product: VPLEX VS2/VS6 / VPLEX Witness + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRealize Data Protection Extension Data Management cves: cve-2021-4104: investigated: false @@ -7914,7 +7854,37 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: '"Patch pending See vce6771 (requires customer login) "' + notes: Patch expected by 12/19/21 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: vRealize Data Protection Extension for vRealize Automation (vRA) 8.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '"version 19.6 version 19.7 version 19.8 and version 19.9"' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: Patch expected by 12/19/21 references: - '' last_updated: '2021-12-15T00:00:00' @@ -8099,36 +8069,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: vRealize Data Protection Extension Data Management - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: vRealize Data Protection Extension for vRealize Automation (vRA) 8.x + product: Vsan Ready Nodes cves: cve-2021-4104: investigated: false @@ -8137,8 +8078,37 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"version 19.6 version 19.7 version 19.8 and version 19.9"' + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: VxBlock + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8153,12 +8123,12 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 + notes: '"Patch pending See vce6771 (requires customer login) "' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Dell - product: VMware vRealize Automation 8.x + product: Warnado MLK (firmware) cves: cve-2021-4104: investigated: false @@ -8167,10 +8137,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - '"8.2 8.3 8.4 8.5 and 8.6"' + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - N/A cve-2021-45046: investigated: false affected_versions: [] @@ -8183,37 +8153,7 @@ software: unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Dell - product: VMware vRealize Orchestrator 8.x - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '"8.2 8.3 8.4 8.5 and 8.6"' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability - notes: Patch expected by 12/19/21 + notes: '' references: - '' last_updated: '2021-12-15T00:00:00' @@ -8247,6 +8187,66 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Wyse Proprietary OS (ThinOS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Dell + product: Wyse Windows Embedded Suite + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Deltares product: Delft-FEWS cves: @@ -8393,6 +8393,122 @@ software: references: - '' last_updated: '2022-01-12T07:18:52+00:00' + - vendor: Digi International + product: AnywhereUSB Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: ARMT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Aview + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: AVWOB + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: CTEK G6200 family cves: @@ -8596,35 +8712,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Digi Connect family - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Connect EZ family cves: @@ -8654,6 +8741,35 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Connect family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Connect IT family cves: @@ -8683,64 +8799,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Digi ConnectPort family - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Digi ConnectPort LTS family - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Connect Sensor family cves: @@ -8799,6 +8857,64 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi ConnectPort family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi ConnectPort LTS family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Embedded Android cves: @@ -8944,6 +9060,35 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Navigator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi One family cves: @@ -9031,6 +9176,35 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Digi International + product: Digi Remote Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.digi.com/resources/security + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi TX routers cves: @@ -9234,180 +9408,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: AnywhereUSB Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Aview - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: ARMT - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: AVWOB - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Digi Navigator - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Digi International - product: Digi Remote Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.digi.com/resources/security - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Xbee mobile app cves: @@ -9758,36 +9758,7 @@ software: - '' last_updated: '2022-01-12T07:18:52+00:00' - vendor: Dynatrace - product: Managed cluster nodes - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ - notes: Please see Dynatrace Communication for details - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Dynatrace - product: SAAS + product: ActiveGate cves: cve-2021-4104: investigated: false @@ -9815,6 +9786,35 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: Dynatrace Extensions + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: Please see Dynatrace Communication for details + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace product: FedRamp SAAS cves: @@ -9845,7 +9845,65 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace - product: Synthetic public locations + product: Managed cluster nodes + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: Please see Dynatrace Communication for details + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: OneAgent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Dynatrace + product: SAAS cves: cve-2021-4104: investigated: false @@ -9903,7 +9961,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace - product: ActiveGate + product: Synthetic public locations cves: cve-2021-4104: investigated: false @@ -9931,62 +9989,4 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Dynatrace - product: OneAgent - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Dynatrace - product: Dynatrace Extensions - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ - notes: Please see Dynatrace Communication for details - references: - - '' - last_updated: '2021-12-21T00:00:00' ... diff --git a/data/cisagov_E.yml b/data/cisagov_E.yml index abf2a20..8643da5 100644 --- a/data/cisagov_E.yml +++ b/data/cisagov_E.yml @@ -355,6 +355,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: Elastic + product: Elastic Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Cloud Enterprise cves: @@ -442,35 +471,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: Elastic - product: Elastic Cloud - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Endgame cves: @@ -794,64 +794,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:52+00:00' - - vendor: Ellucian - product: Banner Analytics - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Ellucian - product: Colleague - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: On-prem and cloud deployements expect fixed 12/18/2021 - references: - - '' - last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Admin cves: @@ -882,7 +824,65 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Ellucian - product: Enterprise Identity Services(BEIS) + product: Banner Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Document Management (includes Banner Document Retention) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Event Publisher cves: cve-2021-4104: investigated: false @@ -968,6 +968,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Banner Self Service + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Banner Workflow cves: @@ -998,7 +1027,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Ellucian - product: Banner Document Management (includes Banner Document Retention) + product: Colleague cves: cve-2021-4104: investigated: false @@ -1022,181 +1051,7 @@ software: unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Ellucian - product: Ellucian Advance Web Connector - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Ellucian - product: Ellucian eTranscripts - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Ellucian - product: Ellucian Mobile - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Ellucian - product: Ellucian Solution Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Ellucian - product: Banner Event Publisher - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Ellucian - product: Banner Self Service - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue - notes: '' + notes: On-prem and cloud deployements expect fixed 12/18/2021 references: - '' last_updated: '2021-12-17T00:00:00' @@ -1316,6 +1171,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Advance Web Connector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Data Access cves: @@ -1374,6 +1258,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Ellucian Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian ePrint cves: @@ -1490,6 +1403,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian eTranscripts + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Experience cves: @@ -1635,6 +1577,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Payment Gateway cves: @@ -1665,7 +1636,36 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Ellucian - product: Ellucian Ellucian Portal + product: Ellucian PowerCampus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Ellucian + product: Ellucian Solution Manager cves: cve-2021-4104: investigated: false @@ -1723,7 +1723,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Ellucian - product: Ellucian PowerCampus + product: Enterprise Identity Services(BEIS) cves: cve-2021-4104: investigated: false @@ -1752,7 +1752,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: K-Series Coriolis Transmitters + product: 148 Temperature Transmitter cves: cve-2021-4104: investigated: false @@ -1781,7 +1781,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: Prolink Configuration Software + product: 2051 Pressure Transmitter Family cves: cve-2021-4104: investigated: false @@ -1810,7 +1810,355 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: Prolink Mobile Application & ProcessViz Software + product: 2088 Pressure Transmitter Family + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 2090F/2090P Pressure Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 215 Pressure Sensor Module + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 248 Configuration Application + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 248 Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 3051 & 3051S Pressure transmitter families + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 3144P Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 326P Pressure Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 326T Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 327T Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 4088 Pressure Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 4088 Upgrade Utility + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 4600 Pressure Transmitter cves: cve-2021-4104: investigated: false @@ -1868,7 +2216,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: Vortex and Magmeter Transmitters + product: 4732 Endeavor cves: cve-2021-4104: investigated: false @@ -1897,181 +2245,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: USM 3410 and 3810 Series Ultrasonic Transmitters - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Mark III Gas and Liquid USM - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Flarecheck FlowCheck Flowel & PWAM software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: MPFM2600 & MPFM5726 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: DHNC1 DHNC2 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: WCM SWGM - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Fieldwatch and Service consoles + product: 550 PT Pressure Transmitter cves: cve-2021-4104: investigated: false @@ -2129,7 +2303,704 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: Plantweb Advisor for Metrology and Metering Suite SDK + product: 5726 Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 644 Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 648 Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 848T Temperature Transmitter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Combustion: OCX OXT 6888 CX1100 6888Xi' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT2211 QCL Aerosol Microleak Detection System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT3000 QCL Automotive OEM Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT4000 QCL Marine OEM Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT4215 QCL Packaging Leak Detection System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT4400 QCL General Purpose Continuous Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT4404 QCL pMDI Leak Detection Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT5100 QCL Field Housing Continuous Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT5400 QCL General Purpose Continuous Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: CT5800 QCL Flameproof Housing Continuous Gas Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: DHNC1 DHNC2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: DHNC1 DHNC2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Emerson Aperio software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Engineering Assistant 5.x & 6.x + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Fieldwatch and Service consoles + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Fieldwatch and Service consoles + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared + Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Flarecheck FlowCheck Flowel & PWAM software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Flarecheck FlowCheck Flowel & PWAM software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)' cves: cve-2021-4104: investigated: false @@ -2187,7 +3058,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)' + product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020' cves: cve-2021-4104: investigated: false @@ -2246,470 +3117,6 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: K-Series Coriolis Transmitters - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Prolink Configuration Software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Prolink Mobile Application & ProcessViz Software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 4732 Endeavor - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Vortex and Magmeter Transmitters - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: USM 3410 and 3810 Series Ultrasonic Transmitters - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Mark III Gas and Liquid USM - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Flarecheck FlowCheck Flowel & PWAM software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: MPFM2600 & MPFM5726 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: DHNC1 DHNC2 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: WCM SWGM - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Fieldwatch and Service consoles - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 5726 Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Plantweb Advisor for Metrology and Metering Suite SDK - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle @@ -2771,8 +3178,36 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: 'Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared - Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector' + product: K-Series Coriolis Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: K-Series Coriolis Transmitters cves: cve-2021-4104: investigated: false @@ -2830,7 +3265,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: 'Combustion: OCX OXT 6888 CX1100 6888Xi' + product: Mark III Gas and Liquid USM cves: cve-2021-4104: investigated: false @@ -2859,7 +3294,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: Spectrex family Flame Detectors and Rosemount 975 flame detector + product: Mark III Gas and Liquid USM cves: cve-2021-4104: investigated: false @@ -2888,7 +3323,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: CT4400 QCL General Purpose Continuous Gas Analyzer + product: MPFM2600 & MPFM5726 cves: cve-2021-4104: investigated: false @@ -2917,7 +3352,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: CT5400 QCL General Purpose Continuous Gas Analyzer + product: MPFM2600 & MPFM5726 cves: cve-2021-4104: investigated: false @@ -2946,7 +3381,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: CT5100 QCL Field Housing Continuous Gas Analyzer + product: Plantweb Advisor for Metrology and Metering Suite SDK cves: cve-2021-4104: investigated: false @@ -2975,7 +3410,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: CT5800 QCL Flameproof Housing Continuous Gas Analyzer + product: Plantweb Advisor for Metrology and Metering Suite SDK cves: cve-2021-4104: investigated: false @@ -3004,7 +3439,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: CT4215 QCL Packaging Leak Detection System + product: Prolink Configuration Software cves: cve-2021-4104: investigated: false @@ -3033,7 +3468,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: CT2211 QCL Aerosol Microleak Detection System + product: Prolink Configuration Software cves: cve-2021-4104: investigated: false @@ -3062,7 +3497,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: CT4404 QCL pMDI Leak Detection Analyzer + product: Prolink Mobile Application & ProcessViz Software cves: cve-2021-4104: investigated: false @@ -3091,819 +3526,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: CT4000 QCL Marine OEM Gas Analyzer - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: CT3000 QCL Automotive OEM Gas Analyzer - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 3051 & 3051S Pressure transmitter families - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 2051 Pressure Transmitter Family - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 4088 Pressure Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 2088 Pressure Transmitter Family - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 2090F/2090P Pressure Transmitters - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 4600 Pressure Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 215 Pressure Sensor Module - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 550 PT Pressure Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 326P Pressure Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 3144P Temperature Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 644 Temperature Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 848T Temperature Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 148 Temperature Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 248 Temperature Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 326T Temperature Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 327T Temperature Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 648 Temperature Transmitter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 4088 Upgrade Utility - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Engineering Assistant 5.x & 6.x - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: 248 Configuration Application - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount IO-Link Assistant - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount TankMaster and TankMaster Mobile - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount RadarMaster and RadarMaster Plus - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount Radar Configuration Tool - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount 2460 System Hub - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount 2410 Tank Hub - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount 3490 Controller + product: Prolink Mobile Application & ProcessViz Software cves: cve-2021-4104: investigated: false @@ -3989,6 +3612,122 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount 2410 Tank Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount 2460 System Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount 3490 Controller + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount CMS/IOU 61 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount CMS/SCU 51/SCC cves: @@ -4048,94 +3787,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: Rosemount CMS/IOU 61 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount Radar Level Gauges (Pro 39xx 59xx) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Emerson - product: Rosemount Tank Radar Gauges (TGUxx) + product: Rosemount IO-Link Assistant cves: cve-2021-4104: investigated: false @@ -4193,7 +3845,355 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Emerson - product: Emerson Aperio software + product: Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount Radar Configuration Tool + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount Radar Level Gauges (Pro 39xx 59xx) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount RadarMaster and RadarMaster Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount Tank Radar Gauges (TGUxx) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Rosemount TankMaster and TankMaster Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Spectrex family Flame Detectors and Rosemount 975 flame detector + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: USM 3410 and 3810 Series Ultrasonic Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: USM 3410 and 3810 Series Ultrasonic Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Vortex and Magmeter Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: Vortex and Magmeter Transmitters + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: WCM SWGM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Emerson + product: WCM SWGM cves: cve-2021-4104: investigated: false diff --git a/data/cisagov_F.yml b/data/cisagov_F.yml index 5abf36e..054ebe8 100644 --- a/data/cisagov_F.yml +++ b/data/cisagov_F.yml @@ -242,128 +242,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:52+00:00' - - vendor: F5 - product: Traffix SDC - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 5.x (5.2.0 CF1 - - 5.1.0 CF-30 - 5.1.0 CF-33) - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.f5.com/csp/article/K19026212 - notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + - Kibana), Element Management System' - references: - - '' - last_updated: '2022-01-12T07:18:52+00:00' - - vendor: F5 - product: NGINX Plus - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - R19 - R25 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.f5.com/csp/article/K19026212 - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:52+00:00' - - vendor: F5 - product: NGINX Open Source - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 1.x - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.f5.com/csp/article/K19026212 - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:52+00:00' - - vendor: F5 - product: NGINX Unit - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 1.x - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.f5.com/csp/article/K19026212 - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:52+00:00' - vendor: F5 product: NGINX App Protect cves: @@ -484,6 +362,66 @@ software: references: - '' last_updated: '2022-01-12T07:18:52+00:00' + - vendor: F5 + product: NGINX Open Source + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:52+00:00' + - vendor: F5 + product: NGINX Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - R19 - R25 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:52+00:00' - vendor: F5 product: NGINX Service Mesh cves: @@ -514,6 +452,68 @@ software: references: - '' last_updated: '2022-01-12T07:18:52+00:00' + - vendor: F5 + product: NGINX Unit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 1.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:52+00:00' + - vendor: F5 + product: Traffix SDC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.x (5.2.0 CF1 + - 5.1.0 CF-30 - 5.1.0 CF-33) + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.f5.com/csp/article/K19026212 + notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + + Kibana), Element Management System' + references: + - '' + last_updated: '2022-01-12T07:18:52+00:00' - vendor: FAST LTA product: '' cves: diff --git a/data/cisagov_G.yml b/data/cisagov_G.yml index a4fcb96..dce5a0e 100644 --- a/data/cisagov_G.yml +++ b/data/cisagov_G.yml @@ -64,6 +64,35 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: GE Gas Power + product: Asset Performance Management (APM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf + notes: GE verifying workaround. + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: GE Gas Power product: Baseline Security Center (BSC) cves: @@ -124,35 +153,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: GE Gas Power - product: Asset Performance Management (APM) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf - notes: GE verifying workaround. - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: GE Gas Power product: Control Server cves: @@ -536,7 +536,7 @@ software: - '' last_updated: '2022-01-12T07:18:52+00:00' - vendor: GoAnywhere - product: MFT + product: Gateway cves: cve-2021-4104: investigated: false @@ -546,7 +546,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - < 6.8.6 + - < 2.8.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -566,7 +566,7 @@ software: - '' last_updated: '2021-12-18T00:00:00' - vendor: GoAnywhere - product: Gateway + product: MFT cves: cve-2021-4104: investigated: false @@ -576,7 +576,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - < 2.8.4 + - < 6.8.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -679,10 +679,73 @@ software: unaffected_versions: [] vendor_links: - https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html - notes: Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. + notes: Chrome Browser releases, infrastructure and admin console are not using + versions of Log4j affected by the vulnerability. references: - '' last_updated: '2022-01-14' + - vendor: Google Cloud + product: Access Transparency + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Actifio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and + has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) + for the full statement and to obtain the hotfix (available to Actifio customers + only). + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AI Platform Data Labeling cves: @@ -773,68 +836,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Google Cloud - product: Access Transparency - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cloud.google.com/log4j2-security-advisory - notes: Product does not use Log4j 2 and is not impacted by the issues identified - in CVE-2021-44228 and CVE-2021-45046. - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Google Cloud - product: Actifio - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cloud.google.com/log4j2-security-advisory - notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and - has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) - for the full statement and to obtain the hotfix (available to Actifio customers - only). - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos cves: @@ -988,6 +989,40 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Anthos on VMWare + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check + VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds + to their VMware products as they become available. We also recommend customers + review their respective applications and workloads affected by the same vulnerabilities + and apply appropriate patches. + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos Premium Software cves: @@ -1048,40 +1083,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Google Cloud - product: Anthos on VMWare - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cloud.google.com/log4j2-security-advisory - notes: Product does not use Log4j 2 and is not impacted by the issues identified - in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check - VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds - to their VMware products as they become available. We also recommend customers - review their respective applications and workloads affected by the same vulnerabilities - and apply appropriate patches. - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Apigee cves: @@ -1792,36 +1793,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Google Cloud - product: Cloud DNS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cloud.google.com/log4j2-security-advisory - notes: Product does not use Log4j 2 and is not impacted by the issues identified - in CVE-2021-44228 and CVE-2021-45046. - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Data Loss Prevention cves: @@ -1912,6 +1883,36 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud DNS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Endpoints cves: @@ -2036,7 +2037,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud - product: Cloud Intrusion Detection System (IDS) + product: Cloud Interconnect cves: cve-2021-4104: investigated: false @@ -2066,7 +2067,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud - product: Cloud Interconnect + product: Cloud Intrusion Detection System (IDS) cves: cve-2021-4104: investigated: false @@ -2185,36 +2186,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Google Cloud - product: Cloud Network Address Translation (NAT) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cloud.google.com/log4j2-security-advisory - notes: Product does not use Log4j 2 and is not impacted by the issues identified - in CVE-2021-44228 and CVE-2021-45046. - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Natural Language API cves: @@ -2245,6 +2216,36 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud Network Address Translation (NAT) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Profiler cves: @@ -2372,7 +2373,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud - product: Cloud SDK + product: Cloud Scheduler cves: cve-2021-4104: investigated: false @@ -2402,37 +2403,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud - product: Cloud SQL - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cloud.google.com/log4j2-security-advisory - notes: Product does not use Log4j 2 and is not impacted by the issues identified - in CVE-2021-44228 and CVE-2021-45046. - references: - - '' - last_updated: '2021-12-19T00:00:00' - - vendor: Google Cloud - product: Cloud Scheduler + product: Cloud SDK cves: cve-2021-4104: investigated: false @@ -2554,6 +2525,36 @@ software: references: - '' last_updated: '2021-12-19T00:00:00' + - vendor: Google Cloud + product: Cloud SQL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Cloud Storage cves: @@ -2704,36 +2705,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Google Cloud - product: Cloud VPN - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cloud.google.com/log4j2-security-advisory - notes: Product does not use Log4j 2 and is not impacted by the issues identified - in CVE-2021-44228 and CVE-2021-45046. - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Vision cves: @@ -2794,6 +2765,36 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Google Cloud + product: Cloud VPN + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cloud.google.com/log4j2-security-advisory + notes: Product does not use Log4j 2 and is not impacted by the issues identified + in CVE-2021-44228 and CVE-2021-45046. + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: CompilerWorks cves: @@ -4865,66 +4866,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:53+00:00' - - vendor: Gravitee - product: API Management - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 3.10.x - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:53+00:00' - - vendor: Gravitee - product: API Management - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 3.5.x - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:53+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -4985,6 +4926,66 @@ software: references: - '' last_updated: '2022-01-12T07:18:53+00:00' + - vendor: Gravitee + product: API Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.10.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:53+00:00' + - vendor: Gravitee + product: API Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 3.5.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:53+00:00' - vendor: Gravitee product: Cockpit cves: diff --git a/data/cisagov_H.yml b/data/cisagov_H.yml index 6456aa3..31674d6 100644 --- a/data/cisagov_H.yml +++ b/data/cisagov_H.yml @@ -423,7 +423,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: [] @@ -453,7 +453,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: [] @@ -483,7 +483,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: [] @@ -512,7 +512,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '< 10.0.7' + - < 10.0.7 unaffected_versions: [] cve-2021-45046: investigated: false @@ -543,7 +543,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: [] @@ -573,7 +573,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: [] @@ -603,7 +603,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: [] @@ -661,9 +661,9 @@ software: investigated: true affected_versions: [] fixed_versions: - - '1.21.7-1.22.9' - - '2.0.3-2.1.5' - - '2.2.0-3.0.2' + - 1.21.7-1.22.9 + - 2.0.3-2.1.5 + - 2.2.0-3.0.2 unaffected_versions: [] cve-2021-45046: investigated: false @@ -751,7 +751,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'Elasticsearch 5.0.0+' + - Elasticsearch 5.0.0+ unaffected_versions: [] cve-2021-45046: investigated: false @@ -770,6 +770,40 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' + - vendor: Hitachi Energy + product: 3rd party - Oracle Database Components + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '12.1' + - '12.2' + - 19c + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch + notes: As this is a third-party component, a separate patch management report + will be provided to customers with the steps to apply the Oracle provided patches + for these components. + references: + - '' + last_updated: '2022-01-05T00:00:00' - vendor: Hitachi Energy product: Axis cves: @@ -813,7 +847,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'v6' + - v6 unaffected_versions: [] cve-2021-45046: investigated: false @@ -904,10 +938,10 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'R15A' - - 'R14B' - - 'R14A' - - 'R11B SP1' + - R15A + - R14B + - R14A + - R11B SP1 unaffected_versions: [] cve-2021-45046: investigated: false @@ -940,7 +974,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'R11A and R10 series' + - R11A and R10 series unaffected_versions: [] cve-2021-45046: investigated: false @@ -959,6 +993,35 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' + - vendor: Hitachi Energy + product: Lumada APM On-premises + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch + notes: See vendor advisory for instructions for various versions. + references: + - '' + last_updated: '2022-01-05T00:00:00' - vendor: Hitachi Energy product: Lumada APM SaaS offering cves: @@ -989,35 +1052,6 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' - - vendor: Hitachi Energy - product: Lumada APM On-premises - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch - notes: See vendor advisory for instructions for various versions. - references: - - '' - last_updated: '2022-01-05T00:00:00' - vendor: Hitachi Energy product: Lumada EAM / FSM cves: @@ -1030,9 +1064,9 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'v1.7.x' - - 'v1.8.x' - - 'v1.9.x' + - v1.7.x + - v1.8.x + - v1.9.x unaffected_versions: [] cve-2021-45046: investigated: false @@ -1079,38 +1113,6 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' - - vendor: Hitachi Energy - product: Network Manager Outage Management Interface (CMI) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - '9.0-9.10.44' - - '9.1.1' - - '10.3.4' - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch - notes: See vendor advisory for instructions on mitigation steps. - references: - - '' - last_updated: '2022-01-05T00:00:00' - vendor: Hitachi Energy product: Network Manager ADMS Network Model Server cves: @@ -1123,7 +1125,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '9.1.0.32-9.1.0.44' + - 9.1.0.32-9.1.0.44 unaffected_versions: [] cve-2021-45046: investigated: false @@ -1142,7 +1144,7 @@ software: - '' last_updated: '2022-01-05T00:00:00' - vendor: Hitachi Energy - product: 3rd party - Oracle Database Components + product: Network Manager Outage Management Interface (CMI) cves: cve-2021-4104: investigated: false @@ -1153,9 +1155,9 @@ software: investigated: true affected_versions: [] fixed_versions: - - '12.1' - - '12.2' - - '19c' + - 9.0-9.10.44 + - 9.1.1 + - 10.3.4 unaffected_versions: [] cve-2021-45046: investigated: false @@ -1169,9 +1171,7 @@ software: unaffected_versions: [] vendor_links: - https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch - notes: As this is a third-party component, a separate patch management report - will be provided to customers with the steps to apply the Oracle provided patches - for these components. + notes: See vendor advisory for instructions on mitigation steps. references: - '' last_updated: '2022-01-05T00:00:00' @@ -1187,8 +1187,8 @@ software: investigated: true affected_versions: [] fixed_versions: - - '3.7.15' - - '3.7.16' + - 3.7.15 + - 3.7.16 unaffected_versions: [] cve-2021-45046: investigated: false @@ -1218,7 +1218,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '2.0.0' + - 2.0.0 unaffected_versions: [] cve-2021-45046: investigated: false @@ -1249,10 +1249,10 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'R15A' - - 'R14B' - - 'R14A' - - 'R11B SP1' + - R15A + - R14B + - R14A + - R11B SP1 unaffected_versions: [] cve-2021-45046: investigated: false @@ -1285,7 +1285,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 'R11A and R10 series' + - R11A and R10 series unaffected_versions: [] cve-2021-45046: investigated: false @@ -1333,35 +1333,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:53+00:00' - - vendor: HMS Industrial Networks AB - product: Talk2M including M2Web - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11 - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - vendor: HMS Industrial Networks AB product: Cosy, Flexy and Ewon CD cves: @@ -1391,35 +1362,6 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' - - vendor: HMS Industrial Networks AB - product: eCatcher Windows software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11 - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - vendor: HMS Industrial Networks AB product: eCatcher Mobile applications cves: @@ -1449,6 +1391,35 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' + - vendor: HMS Industrial Networks AB + product: eCatcher Windows software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11 + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' - vendor: HMS Industrial Networks AB product: Netbiter Hardware including EC, WS, and LC cves: @@ -1478,6 +1449,535 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' + - vendor: HMS Industrial Networks AB + product: Talk2M including M2Web + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11 + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: HOLOGIC + product: Advanced Workflow Manager (AWM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: While the Hologic software itself does not utilize Java/Log4J, the installed + APC PowerChute UPS with Business Edition v9.5 software installed may. APC is + still assessing its PowerChute software to determine if it is vulnerable. + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Affirm Prone Biopsy System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Brevera Breast Biopsy System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Cenova Image Analytics Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Dimensions / 3Dimensions Mammography System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Discovery Bone Densitometer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Faxitron CT Specimen Radiography System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: While the Hologic software itself does not utilize Java/Log4J, there is + a utility program installed that may utilize Java and Log4J. This utility program + does not run on startup and is not required for system operation. Please contact + Hologic Service for assistance in removing this program. + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Faxitron Specimen Radiography Systems + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Fluoroscan Insight Mini C-Arm + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Horizon DXA Bone Densitometer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Rosetta DC Tomosynthesis Data Converter + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: SecurView DX Workstation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: SecurXChange Router + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Trident HD Specimen Radiography System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Unifi Workspace + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: While the Hologic software itself does not utilize Java/Log4J, the installed + APC PowerChute UPS with Business Edition v9.5 software installed may. APC is + still assessing its PowerChute software to determine if it is vulnerable. + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: HOLOGIC + product: Windows Selenia Mammography System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Honeywell product: '' cves: @@ -1519,7 +2019,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '< v113' + - < v113 unaffected_versions: [] cve-2021-45046: investigated: false @@ -1549,7 +2049,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '< 1.0.6' + - < 1.0.6 unaffected_versions: [] cve-2021-45046: investigated: false @@ -1579,7 +2079,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '< 21.10.3' + - < 21.10.3 unaffected_versions: [] cve-2021-45046: investigated: false @@ -1609,8 +2109,8 @@ software: investigated: true affected_versions: [] fixed_versions: - - '< 21.03.6' - - '< 20.07.4' + - < 21.03.6 + - < 20.07.4 unaffected_versions: [] cve-2021-45046: investigated: false @@ -2063,64 +2563,6 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' - - vendor: HPE - product: ArubaOS-CX switches - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us - notes: 'Support Communication Cross Reference ID: SIK7387' - references: - - '' - last_updated: '2021-12-12T00:00:00' - - vendor: HPE - product: ArubaOS-S switches - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us - notes: 'Support Communication Cross Reference ID: SIK7387' - references: - - '' - last_updated: '2021-12-12T00:00:00' - vendor: HPE product: ArubaOS SD-WAN Controllers and Gateways cves: @@ -2179,6 +2621,64 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: ArubaOS-CX switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: HPE + product: ArubaOS-S switches + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us + notes: 'Support Communication Cross Reference ID: SIK7387' + references: + - '' + last_updated: '2021-12-12T00:00:00' - vendor: HPE product: BladeSystem Onboard Administrator cves: @@ -5430,506 +5930,6 @@ software: references: - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' last_updated: '2021-12-17T00:00:00' - - vendor: HOLOGIC - product: Advanced Workflow Manager (AWM) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: While the Hologic software itself does not utilize Java/Log4J, the installed - APC PowerChute UPS with Business Edition v9.5 software installed may. APC is - still assessing its PowerChute software to determine if it is vulnerable. - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Unifi Workspace - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: While the Hologic software itself does not utilize Java/Log4J, the installed - APC PowerChute UPS with Business Edition v9.5 software installed may. APC is - still assessing its PowerChute software to determine if it is vulnerable. - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Faxitron CT Specimen Radiography System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: While the Hologic software itself does not utilize Java/Log4J, there is - a utility program installed that may utilize Java and Log4J. This utility program - does not run on startup and is not required for system operation. Please contact - Hologic Service for assistance in removing this program. - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Dimensions / 3Dimensions Mammography System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Affirm Prone Biopsy System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Brevera Breast Biopsy System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Trident HD Specimen Radiography System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: SecurView DX Workstation - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Cenova Image Analytics Server - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: SecurXChange Router - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Rosetta DC Tomosynthesis Data Converter - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Faxitron Specimen Radiography Systems - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Horizon DXA Bone Densitometer - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Discovery Bone Densitometer - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Fluoroscan Insight Mini C-Arm - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: HOLOGIC - product: Windows Selenia Mammography System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: Huawei product: '' cves: diff --git a/data/cisagov_I.yml b/data/cisagov_I.yml index 8c9c197..f07aca1 100644 --- a/data/cisagov_I.yml +++ b/data/cisagov_I.yml @@ -120,65 +120,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:53+00:00' - - vendor: IBM - product: BigFix Compliance - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:53+00:00' - - vendor: IBM - product: BigFix Inventory - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - VM Manager Tool & SAP Tool - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: To verify if your instance is affected, go to the lib subdirectory of the - tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version - of log4j is included. Version is included in the name of the library. - references: - - '' - last_updated: '2022-01-12T07:18:53+00:00' - vendor: IBM product: Analytics Engine cves: @@ -324,6 +265,35 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: Aspera + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Aspera Endpoint cves: @@ -411,35 +381,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: IBM - product: Aspera - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Bare Metal Servers cves: @@ -469,6 +410,65 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' + - vendor: IBM + product: BigFix Compliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:53+00:00' + - vendor: IBM + product: BigFix Inventory + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - VM Manager Tool & SAP Tool + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: To verify if your instance is affected, go to the lib subdirectory of the + tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version + of log4j is included. Version is included in the name of the library. + references: + - '' + last_updated: '2022-01-12T07:18:53+00:00' - vendor: IBM product: Block Storage cves: @@ -6228,7 +6228,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: [] @@ -6241,7 +6241,8 @@ software: unaffected_versions: [] vendor_links: - https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day - notes: Older versions of Ignition (7.8 and older) did use the Log4j library, but they used an older version (1.2) that was not affected by this vulnerability. + notes: Older versions of Ignition (7.8 and older) did use the Log4j library, but + they used an older version (1.2) that was not affected by this vulnerability. references: - '' last_updated: '2022-01-19T00:00:00' @@ -6477,6 +6478,35 @@ software: references: - '' last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: Computer Vision Annotation Tool maintained by Intel + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' - vendor: Intel product: Datacenter Manager cves: @@ -6506,93 +6536,6 @@ software: references: - '' last_updated: '2021-12-16T00:00:00' - - vendor: Intel - product: oneAPI sample browser plugin for Eclipse - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html - notes: '' - references: - - '' - last_updated: '2021-12-16T00:00:00' - - vendor: Intel - product: System Debugger - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html - notes: '' - references: - - '' - last_updated: '2021-12-16T00:00:00' - - vendor: Intel - product: Secure Device Onboard - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html - notes: '' - references: - - '' - last_updated: '2021-12-16T00:00:00' - vendor: Intel product: Genomics Kernel Library cves: @@ -6623,7 +6566,7 @@ software: - '' last_updated: '2021-12-16T00:00:00' - vendor: Intel - product: System Studio + product: oneAPI sample browser plugin for Eclipse cves: cve-2021-4104: investigated: false @@ -6652,7 +6595,7 @@ software: - '' last_updated: '2021-12-16T00:00:00' - vendor: Intel - product: Computer Vision Annotation Tool maintained by Intel + product: Secure Device Onboard cves: cve-2021-4104: investigated: false @@ -6709,6 +6652,94 @@ software: references: - '' last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: System Debugger + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Intel + product: System Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Internet Systems Consortium(ISC) + product: BIND 9 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.isc.org/blogs/2021-log4j/ + notes: no JAVA Code + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Internet Systems Consortium(ISC) product: ISC DHCP, aka dhcpd cves: @@ -6769,36 +6800,6 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' - - vendor: Internet Systems Consortium(ISC) - product: BIND 9 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.isc.org/blogs/2021-log4j/ - notes: no JAVA Code - references: - - '' - last_updated: '2021-12-17T00:00:00' - vendor: InterSystems product: '' cves: @@ -6988,7 +6989,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7018,7 +7019,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7048,7 +7049,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7076,8 +7077,8 @@ software: cve-2021-44228: investigated: true affected_versions: - - '6.2.2' - - '6.3.0 to 6.3.3' + - 6.2.2 + - 6.3.0 to 6.3.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -7109,7 +7110,37 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: CETerm (Naurtech) + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7139,7 +7170,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7169,7 +7200,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7199,7 +7230,37 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: ConnectPro (Termproxy) + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7229,7 +7290,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7259,7 +7320,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7289,7 +7350,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7319,7 +7380,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7349,7 +7410,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7379,7 +7440,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7409,37 +7470,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: ITSM 6/7 - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7469,7 +7500,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7499,7 +7530,37 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: ITSM 6/7 + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7529,7 +7590,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7559,7 +7620,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7589,37 +7650,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Ivanti EPM - Cloud Service Appliance - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7649,7 +7680,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7679,7 +7710,37 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Ivanti EPM - Cloud Service Appliance + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7707,15 +7768,15 @@ software: cve-2021-44228: investigated: true affected_versions: - - '2019.1.*' - - '2020.1.*' - - '2020.3.*' - - '2021.1.*' - - '4.4.*' + - 2019.1.* + - 2020.1.* + - 2020.3.* + - 2021.1.* + - 4.4.* fixed_versions: - - '2021.3 HF2' - - '2021.1 HF1' - - '2020.3 HF2' + - 2021.3 HF2 + - 2021.1 HF1 + - 2020.3 HF2 unaffected_versions: [] cve-2021-45046: investigated: '' @@ -7746,7 +7807,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7776,7 +7837,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7806,7 +7867,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7836,7 +7897,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7866,97 +7927,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Ivanti Service Desk - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: Not Affected. Java is no longer required since version 2018.3U3 Customers on older versions can uninstall JRE on their ISD Servers for mitigation. This will disable indexing of Attachments and Documents for full-text search. - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Ivanti Service Manager - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Ivanti Service Manager for Neurons (Cloud) - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7986,7 +7957,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -7999,7 +7970,100 @@ software: unaffected_versions: [] vendor_links: - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: See More INFO for Ivanti Security Controls (Patch ISec) in the Advisory Page + notes: See More INFO for Ivanti Security Controls (Patch ISec) in the Advisory + Page + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Ivanti Service Desk + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: Not Affected. Java is no longer required since version 2018.3U3 Customers + on older versions can uninstall JRE on their ISD Servers for mitigation. This + will disable indexing of Attachments and Documents for full-text search. + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Ivanti Service Manager + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Ivanti Service Manager for Neurons (Cloud) + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' references: - '' last_updated: '2022-01-18T00:00:00' @@ -8016,7 +8080,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8046,7 +8110,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8076,7 +8140,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8106,7 +8170,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8136,7 +8200,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8166,7 +8230,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8196,7 +8260,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8226,7 +8290,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8254,7 +8318,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'All' + - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8286,7 +8350,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8316,7 +8380,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8346,7 +8410,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8374,7 +8438,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'All' + - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -8393,6 +8457,36 @@ software: references: - '' last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: MobileIron Core Connector + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: See Advisory details for mitigation instructions for MobileIron Core Connector. + references: + - '' + last_updated: '2022-01-18T00:00:00' - vendor: Ivanti product: MobileIron Sentry (Core/Cloud) cves: @@ -8424,36 +8518,6 @@ software: references: - '' last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: MobileIron Core Connector - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 'All' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: See Advisory details for mitigation instructions for MobileIron Core Connector. - references: - - '' - last_updated: '2022-01-18T00:00:00' - vendor: Ivanti product: Patch MEM (Microsoft Endpoint Manager) cves: @@ -8467,7 +8531,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8497,7 +8561,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8527,157 +8591,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Pulse Desktop Client - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Pulse Mobile Client - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Pulse Services Director - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Pulse Virtual Traffic Manager - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Pulse Web Application Firewall - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8707,7 +8621,67 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Pulse Desktop Client + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Pulse Mobile Client + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8737,7 +8711,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8767,7 +8741,97 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Pulse Services Director + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Pulse Virtual Traffic Manager + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Pulse Web Application Firewall + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8797,7 +8861,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8827,7 +8891,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8857,7 +8921,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8887,7 +8951,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8917,7 +8981,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8947,7 +9011,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -8977,97 +9041,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: ConnectPro (Termproxy) - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: Wavelink License Server - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US - notes: '' - references: - - '' - last_updated: '2022-01-18T00:00:00' - - vendor: Ivanti - product: CETerm (Naurtech) - cves: - cve-2021-4104: - investigated: '' - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -9097,7 +9071,37 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45046: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US + notes: '' + references: + - '' + last_updated: '2022-01-18T00:00:00' + - vendor: Ivanti + product: Wavelink License Server + cves: + cve-2021-4104: + investigated: '' + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -9127,7 +9131,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] diff --git a/data/cisagov_J.yml b/data/cisagov_J.yml index 3ab71be..c5139ee 100644 --- a/data/cisagov_J.yml +++ b/data/cisagov_J.yml @@ -208,38 +208,6 @@ software: references: - '' last_updated: '2021-12-16T00:00:00' - - vendor: JetBrains - product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, - IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, - Rider, RubyMine, WebStorm) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - Unknown - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - vendor: JetBrains product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek) @@ -271,216 +239,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' - - vendor: JetBrains - product: ToolBox - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - Unknown - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - - vendor: JetBrains - product: TeamCity - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - Unknown - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://youtrack.jetbrains.com/issue/TW-74298 - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - - vendor: JetBrains - product: Hub - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - 2021.1.14080 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - - vendor: JetBrains - product: YouTrack Standalone - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - 2021.4.35970 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - - vendor: JetBrains - product: YouTrack InCloud - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - Unknown - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - - vendor: JetBrains - product: Datalore - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - Unknown - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - - vendor: JetBrains - product: Space - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - Unknown - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' - vendor: Jetbrains product: Code With Me cves: @@ -511,6 +269,66 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: JetBrains + product: Datalore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' + - vendor: JetBrains + product: Floating license server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '30211' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' - vendor: JetBrains product: Gateway cves: @@ -541,6 +359,68 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: JetBrains + product: Hub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 2021.1.14080 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' + - vendor: JetBrains + product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, + IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, + Rider, RubyMine, WebStorm) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' - vendor: JetBrains product: Kotlin cves: @@ -632,7 +512,7 @@ software: - '' last_updated: '2022-01-12T07:18:54+00:00' - vendor: JetBrains - product: Floating license server + product: Space cves: cve-2021-4104: investigated: false @@ -642,9 +522,69 @@ software: cve-2021-44228: investigated: true affected_versions: [] - fixed_versions: - - '30211' + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' + - vendor: JetBrains + product: TeamCity + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://youtrack.jetbrains.com/issue/TW-74298 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' + - vendor: JetBrains + product: ToolBox + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown cve-2021-45046: investigated: false affected_versions: [] @@ -691,6 +631,66 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: JetBrains + product: YouTrack InCloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Unknown + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' + - vendor: JetBrains + product: YouTrack Standalone + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 2021.4.35970 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' - vendor: JFROG product: '' cves: @@ -778,8 +778,8 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' - - vendor: jPOS - product: (ISO-8583) bridge + - vendor: Johnson Controls + product: BCPro cves: cve-2021-4104: investigated: false @@ -791,7 +791,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Unknown + - All versions cve-2021-45046: investigated: false affected_versions: [] @@ -803,11 +803,131 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625 + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: CEM AC2000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: CEM Hardware Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: CloudVue Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: CloudVue Web + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: C•CURE‐9000 cves: @@ -928,6 +1048,456 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: DLS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Entrapass + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: exacqVision Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: exacqVision Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: exacqVision WebService + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Facility Explorer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 14.x + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Illustra Cameras + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Illustra Insight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: iSTAR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Metasys Products and Tools + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: PowerSeries NEO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: PowerSeries Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Qolsys IQ Panels + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Sur‐Gard Receivers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Johnson Controls + product: Tyco AI + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.johnsoncontrols.com/cyber-solutions/security-advisories + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: victor cves: @@ -1018,456 +1588,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: Metasys Products and Tools - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: Facility Explorer - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 14.x - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: CEM AC2000 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: CEM Hardware Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: Illustra Cameras - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: Illustra Insight - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: Tyco AI - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: DLS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: Entrapass - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: CloudVue Web - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: CloudVue Gateway - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: Qolsys IQ Panels - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: PowerSeries NEO - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: PowerSeries Pro - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: Sur‐Gard Receivers - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: VideoEdge cves: @@ -1498,156 +1618,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: exacqVision Server - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: exacqVision Client - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: exacqVision WebService - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: BCPro - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Johnson Controls - product: iSTAR - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All versions - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.johnsoncontrols.com/cyber-solutions/security-advisories - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Journyx product: '' cves: @@ -1677,6 +1647,36 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: jPOS + product: (ISO-8583) bridge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Unknown + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' - vendor: Jump Desktop product: '' cves: diff --git a/data/cisagov_L.yml b/data/cisagov_L.yml index 11c83aa..ee4821e 100644 --- a/data/cisagov_L.yml +++ b/data/cisagov_L.yml @@ -613,35 +613,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Leica BIOSYSTEMS - product: BOND-ADVANCE - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.leicabiosystems.com/about/product-security/ - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: BOND Controller cves: @@ -671,64 +642,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Leica BIOSYSTEMS - product: BOND-III - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.leicabiosystems.com/about/product-security/ - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Leica BIOSYSTEMS - product: BOND-MAX - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.leicabiosystems.com/about/product-security/ - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: BOND RX cves: @@ -787,6 +700,93 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND-ADVANCE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND-III + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Leica BIOSYSTEMS + product: BOND-MAX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.leicabiosystems.com/about/product-security/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: CEREBRO cves: diff --git a/data/cisagov_M.yml b/data/cisagov_M.yml index 987e2bb..42ad7ab 100644 --- a/data/cisagov_M.yml +++ b/data/cisagov_M.yml @@ -62,6 +62,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: ManageEngine + product: AD SelfService Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Build 6.1 build 6114 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-27T00:00:00' - vendor: ManageEngine product: Servicedesk Plus cves: @@ -73,7 +102,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '11305 and below' + - 11305 and below fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -92,35 +121,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: ManageEngine - product: AD SelfService Plus - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'Build 6.1 build 6114' - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2021-12-27T00:00:00' - vendor: ManageEngine Zoho product: '' cves: @@ -150,6 +150,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: ManageEngine Zoho + product: ADAudit Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: ADManager Plus cves: @@ -180,7 +209,36 @@ software: - '' last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho - product: ADAudit Plus + product: Analytics Plus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: ManageEngine Zoho + product: Cloud Security Plus cves: cve-2021-4104: investigated: false @@ -266,64 +324,6 @@ software: references: - '' last_updated: '2021-12-16T00:00:00' - - vendor: ManageEngine Zoho - product: M365 Manager Plus - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 - notes: '' - references: - - '' - last_updated: '2021-12-16T00:00:00' - - vendor: ManageEngine Zoho - product: RecoveryManager Plus - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 - notes: '' - references: - - '' - last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: Exchange Reporter Plus cves: @@ -412,7 +412,7 @@ software: - '' last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho - product: Cloud Security Plus + product: M365 Manager Plus cves: cve-2021-4104: investigated: false @@ -470,7 +470,7 @@ software: - '' last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho - product: Analytics Plus + product: RecoveryManager Plus cves: cve-2021-4104: investigated: false @@ -569,7 +569,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: [] @@ -598,7 +598,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '1.59.10+' + - 1.59.10+ unaffected_versions: [] cve-2021-45046: investigated: false @@ -927,7 +927,7 @@ software: - '' last_updated: '2021-12-20T00:00:00' - vendor: McAfee - product: ePolicy Orchestrator Application Server (ePO) + product: Enterprise Security Manager (ESM) cves: cve-2021-4104: investigated: false @@ -938,7 +938,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '5.10 CU11' + - 11.5.3 unaffected_versions: [] cve-2021-45046: investigated: false @@ -984,6 +984,36 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' + - vendor: McAfee + product: ePolicy Orchestrator Application Server (ePO) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 5.10 CU11 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kc.mcafee.com/agent/index?page=content&id=SB10377 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Host Intrusion Prevention (Host IPS) cves: @@ -1264,34 +1294,6 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' - - vendor: McAfee - product: McAfee Security for Microsoft SharePoint (MSMS) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Security for Microsoft Exchange (MSME) cves: @@ -1321,7 +1323,7 @@ software: - '' last_updated: '2021-12-20T00:00:00' - vendor: McAfee - product: Enterprise Security Manager (ESM) + product: McAfee Security for Microsoft SharePoint (MSMS) cves: cve-2021-4104: investigated: false @@ -1329,10 +1331,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - '11.5.3' + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -1344,8 +1345,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://kc.mcafee.com/agent/index?page=content&id=SB10377 + vendor_links: [] notes: '' references: - '' @@ -1637,8 +1637,8 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' - - vendor: Microsoft - product: Azure Application Gateway + - vendor: Micro Focus + product: Data Protector cves: cve-2021-4104: investigated: false @@ -1646,9 +1646,19 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '10.20' + - '10.30' + - '10.40' + - '10.50' + - '10.60' + - '10.70' + - '10.80' + - '10.90' + - '10.91' + - '11.00' unaffected_versions: [] cve-2021-45046: investigated: false @@ -1661,11 +1671,11 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ + - https://portal.microfocus.com/s/article/KM000003052 notes: '' references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' + - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' + last_updated: '2021-12-13T00:00:00' - vendor: Microsoft product: Azure API Gateway cves: @@ -1695,6 +1705,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' + - vendor: Microsoft + product: Azure Application Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:54+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -1706,7 +1745,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '< 2.3.10' + - < 2.3.10 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -1736,7 +1775,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '< 2.3.10' + - < 2.3.10 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -1756,7 +1795,7 @@ software: - '' last_updated: '2022-01-12T07:18:54+00:00' - vendor: Microsoft - product: Azure DevOps Server + product: Azure DevOps cves: cve-2021-4104: investigated: false @@ -1764,9 +1803,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - '2019.0 - 2020.1' + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -1786,7 +1824,7 @@ software: - '' last_updated: '2022-01-12T07:18:54+00:00' - vendor: Microsoft - product: Azure DevOps + product: Azure DevOps Server cves: cve-2021-4104: investigated: false @@ -1794,8 +1832,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 2019.0 - 2020.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -1854,7 +1893,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '2018.2+' + - 2018.2+ fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -1902,45 +1941,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' - - vendor: Micro Focus - product: Data Protector - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - '10.20' - - '10.30' - - '10.40' - - '10.50' - - '10.60' - - '10.70' - - '10.80' - - '10.90' - - '10.91' - - '11.00' - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://portal.microfocus.com/s/article/KM000003052 - notes: '' - references: - - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' - last_updated: '2021-12-13T00:00:00' - vendor: Midori Global product: '' cves: @@ -2538,7 +2538,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -2551,7 +2551,9 @@ software: unaffected_versions: [] vendor_links: - https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability - notes: Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected. + notes: Moxa is investigating to determine if any of our products are affected + by this vulnerability. At the time of publication, none of Moxa's products are + affected. references: - '' last_updated: '2022-01-19T00:00:00' @@ -2586,7 +2588,7 @@ software: - '' last_updated: '2022-01-12T07:18:54+00:00' - vendor: Mulesoft - product: Mule Runtime + product: Anypoint Studio cves: cve-2021-4104: investigated: false @@ -2596,39 +2598,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '3.x' - - '4.x' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 - notes: This advisory is available to account holders only and has not been reviewed - by CISA. - references: - - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Mulesoft - product: Mule Agent - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '6.x' + - 7.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -2679,7 +2649,7 @@ software: - '' last_updated: '2021-12-15T00:00:00' - vendor: Mulesoft - product: Anypoint Studio + product: Mule Agent cves: cve-2021-4104: investigated: false @@ -2689,7 +2659,39 @@ software: cve-2021-44228: investigated: true affected_versions: - - '7.x' + - 6.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 + notes: This advisory is available to account holders only and has not been reviewed + by CISA. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Mulesoft + product: Mule Runtime + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.x + - 4.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: diff --git a/data/cisagov_N.yml b/data/cisagov_N.yml index 3ce3b55..bcb7474 100644 --- a/data/cisagov_N.yml +++ b/data/cisagov_N.yml @@ -102,9 +102,9 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'Vertica' - - 'Cloudera' - - 'Logstash' + - Vertica + - Cloudera + - Logstash fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -136,7 +136,7 @@ software: investigated: true affected_versions: - '>4.2' - - '<4..2.12' + - <4..2.12 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -282,7 +282,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - '3.0.57' + - 3.0.57 unaffected_versions: [] cve-2021-45046: investigated: false @@ -312,7 +312,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '<7.4.3' + - <7.4.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -374,7 +374,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - '21.04.0.5552' + - 21.04.0.5552 cve-2021-45046: investigated: false affected_versions: [] @@ -1342,35 +1342,6 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' - - vendor: Nutanix - product: Leap - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf - notes: Saas-Based Procuct. See Advisory. - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: LCM cves: @@ -1401,6 +1372,35 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' + - vendor: Nutanix + product: Leap + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf + notes: Saas-Based Procuct. See Advisory. + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Mine cves: diff --git a/data/cisagov_O.yml b/data/cisagov_O.yml index 4751f7c..89b0d7b 100644 --- a/data/cisagov_O.yml +++ b/data/cisagov_O.yml @@ -294,6 +294,36 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' + - vendor: Okta + product: Okta On-Prem MFA Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 1.4.6 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta RADIUS Server Agent cves: @@ -382,36 +412,6 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' - - vendor: Okta - product: Okta On-Prem MFA Agent - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - < 1.4.6 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228 - notes: '' - references: - - '' - last_updated: '2021-12-12T00:00:00' - vendor: Onespan product: '' cves: @@ -586,37 +586,6 @@ software: references: - '' last_updated: '2021-12-23T00:00:00' - - vendor: Opto 22 - product: GRV-EPIC-PR1, GRV-EPIC-PR2 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - < 3.3.2 - fixed_versions: - - 3.3.2 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit - notes: The Log4j vulnerability affects all products running groov View software - references: - - '' - last_updated: '2022-01-13T00:00:00' - vendor: Opto 22 product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP cves: @@ -710,6 +679,37 @@ software: references: - '' last_updated: '2022-01-13T00:00:00' + - vendor: Opto 22 + product: GRV-EPIC-PR1, GRV-EPIC-PR2 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 3.3.2 + fixed_versions: + - 3.3.2 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit + notes: The Log4j vulnerability affects all products running groov View software + references: + - '' + last_updated: '2022-01-13T00:00:00' - vendor: Oracle product: '' cves: @@ -741,7 +741,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Oracle - product: Exadata + product: Enterprise Manager cves: cve-2021-4104: investigated: false @@ -751,7 +751,8 @@ software: cve-2021-44228: investigated: true affected_versions: - - <21.3.4 + - '13.5' + - 13.4 & 13.3.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -773,7 +774,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Oracle - product: Enterprise Manager + product: Exadata cves: cve-2021-4104: investigated: false @@ -783,8 +784,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - '13.5' - - 13.4 & 13.3.2 + - <21.3.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: diff --git a/data/cisagov_Q.yml b/data/cisagov_Q.yml index d877f90..a51cbb4 100644 --- a/data/cisagov_Q.yml +++ b/data/cisagov_Q.yml @@ -62,36 +62,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:55+00:00' - - vendor: QMATIC - product: Orchestra Central - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 6.0+ - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability - notes: '' - references: - - '' - last_updated: '2021-12-21T00:00:00' - vendor: QMATIC product: Appointment Booking cves: @@ -122,6 +92,36 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: QMATIC + product: Appointment Booking + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Cloud/Managed Service + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + notes: log4j 2.16 applied 2021-12-15 + references: + - '' + last_updated: '2021-12-21T00:00:00' - vendor: QMATIC product: Insights cves: @@ -153,7 +153,7 @@ software: - '' last_updated: '2021-12-21T00:00:00' - vendor: QMATIC - product: Appointment Booking + product: Orchestra Central cves: cve-2021-4104: investigated: false @@ -162,10 +162,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - Cloud/Managed Service + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - 6.0+ cve-2021-45046: investigated: false affected_versions: [] @@ -178,7 +178,7 @@ software: unaffected_versions: [] vendor_links: - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability - notes: log4j 2.16 applied 2021-12-15 + notes: '' references: - '' last_updated: '2021-12-21T00:00:00' diff --git a/data/cisagov_S.yml b/data/cisagov_S.yml index 3ef818e..fa14507 100644 --- a/data/cisagov_S.yml +++ b/data/cisagov_S.yml @@ -755,68 +755,6 @@ software: references: - '' last_updated: '2021-12-15T00:00:00' - - vendor: Samsung Electronics America - product: Knox Reseller Portal - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - 'Cloud' - unaffected_versions: [] - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: - - 'Cloud' - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services - notes: '' - references: - - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Manage - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - 'Cloud' - unaffected_versions: [] - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: - - 'Cloud' - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services - notes: '' - references: - - '' - last_updated: '2022-01-17T00:00:00' - vendor: Samsung Electronics America product: Knox Admin Portal cves: @@ -830,75 +768,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services - notes: '' - references: - - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Mobile Enrollment - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services - notes: '' - references: - - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Configure - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: false affected_versions: [] @@ -923,13 +799,44 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Configure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45105: investigated: false affected_versions: [] @@ -954,44 +861,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services - notes: '' - references: - - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Managed Services Provider (MSP) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: false affected_versions: [] @@ -1016,13 +892,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: false affected_versions: [] @@ -1047,13 +923,137 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Manage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Managed Services Provider (MSP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Mobile Enrollment + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Reseller Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] @@ -1360,124 +1360,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Schneider Electric - product: EcoStruxure IT Gateway - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - V1.5.0 to V1.13.0 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/ - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: EcoStruxure IT Expert - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - Cloud - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: Facility Expert Small Business - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - Cloud - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: Wiser by SE platform - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - Cloud - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: '' - references: - - '' - last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: EASYFIT cves: @@ -1538,6 +1420,65 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: EcoStruxure IT Expert + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: EcoStruxure IT Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - V1.5.0 to V1.13.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: Eurotherm Data Reviewer cves: @@ -1568,6 +1509,36 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Facility Expert Small Business + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: MSE cves: @@ -2048,6 +2019,35 @@ software: references: - '' last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Wiser by SE platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' - vendor: Schweitzer Engineering Laboratories product: '' cves: @@ -2252,36 +2252,7 @@ software: - '' last_updated: '2022-01-12T07:18:55+00:00' - vendor: Securonix - product: SNYPR Application - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf - notes: '' - references: - - '' - last_updated: '2021-12-10T00:00:00' - - vendor: Securonix - product: Next Gen SIEM + product: Extended Detection and Response (XDR) cves: cve-2021-4104: investigated: false @@ -2311,7 +2282,7 @@ software: - '' last_updated: '2021-12-10T00:00:00' - vendor: Securonix - product: User and Entity Behavior Analytics(UEBA) + product: Next Gen SIEM cves: cve-2021-4104: investigated: false @@ -2371,7 +2342,36 @@ software: - '' last_updated: '2021-12-10T00:00:00' - vendor: Securonix - product: Extended Detection and Response (XDR) + product: SNYPR Application + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf + notes: '' + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: User and Entity Behavior Analytics(UEBA) cves: cve-2021-4104: investigated: false @@ -2905,6 +2905,64 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Cios Flow S1 / Alpha / Spin VA30 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Cios Select FD/I.I. VA21 / VA21-S3P + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: DICOM Proxy VB10A cves: @@ -2934,64 +2992,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Somatom Scope Som5 VC50 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Somatom Emotion Som5 VC50 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: go.All, Som10 VA20 / VA30 / VA40 cves: @@ -3545,6 +3545,93 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Somatom Emotion Som5 VC50 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Somatom Scope Som5 VC50 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A cves: @@ -3695,93 +3782,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Cios Select FD/I.I. VA21 / VA21-S3P - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Cios Flow S1 / Alpha / Spin VA30 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: syngo.via WebViewer VA13B / VA20A / VA20B cves: @@ -3900,35 +3900,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Sierra Wireless - product: AM/AMM servers - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - vendor: Sierra Wireless product: AirVantage and Octave cloud platforms cves: @@ -3959,6 +3930,35 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' + - vendor: Sierra Wireless + product: AM/AMM servers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' - vendor: Signald product: '' cves: @@ -4283,6 +4283,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:55+00:00' + - vendor: Sn0m + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:55+00:00' - vendor: Snakemake product: Snakemake cves: @@ -4313,35 +4342,6 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Sn0m - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:55+00:00' - vendor: Snow Software product: Snow Commander cves: @@ -4644,35 +4644,6 @@ software: references: - '' last_updated: '2021-12-29T00:00:00' - - vendor: SonicWall - product: Capture Client & Capture Client Portal - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the Capture Client. - references: - - '' - last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Access Points cves: @@ -4760,6 +4731,35 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Capture Client & Capture Client Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the Capture Client. + references: + - '' + last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Capture Security Appliance cves: @@ -5553,7 +5553,7 @@ software: - '' last_updated: '2022-01-12T07:18:55+00:00' - vendor: Spacelabs Healthcare - product: XprezzNet + product: ABP cves: cve-2021-4104: investigated: false @@ -5565,7 +5565,128 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - '96190' + - OnTrak + - 90217A + - and 90207 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: CardioExpress + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - SL6A + - SL12A + - and SL18A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: DM3 and DM4 Monitors + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Eclipse Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: EVO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -5640,6 +5761,245 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Lifescreen Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Pathfinder SL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Qube + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '91390' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Qube Mini + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '91389' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: SafeNSound + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 4.3.1 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: Version >4.3.1 - Not Affected + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Sentinel + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Spacelabs Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Ultraview SL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '91367' + - '91369' + - '91370' + - and 91387 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' - vendor: Spacelabs Healthcare product: Xhibit Telemetry Receiver (XTR) cves: @@ -5701,6 +6061,36 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: XprezzNet + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '96190' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' - vendor: Spacelabs Healthcare product: Xprezzon cves: @@ -5731,396 +6121,6 @@ software: references: - '' last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Qube - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - '91390' - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Qube Mini - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - '91389' - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Ultraview SL - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - '91367' - - '91369' - - '91370' - - and 91387 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: DM3 and DM4 Monitors - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Sentinel - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Pathfinder SL - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Lifescreen Pro - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: EVO - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Eclipse Pro - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: CardioExpress - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - SL6A - - SL12A - - and SL18A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: ABP - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - OnTrak - - 90217A - - and 90207 - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Spacelabs Cloud - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: SafeNSound - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: - - 4.3.1 - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: Version >4.3.1 - Not Affected - references: - - '' - last_updated: '2022-01-05T00:00:00' - vendor: Spambrella product: '' cves: @@ -6179,96 +6179,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Splunk - product: Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 5.2.0 and older - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html - notes: '' - references: - - '' - last_updated: '2021-12-30T08:20:00-08:00' - - vendor: Splunk - product: Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 3.0.0 and older - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html - notes: '' - references: - - '' - last_updated: '2021-12-30T08:20:00-08:00' - - vendor: Splunk - product: Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 3.0.0 and older - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html - notes: '' - references: - - '' - last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Data Stream Processor cves: @@ -6369,6 +6279,96 @@ software: references: - '' last_updated: '2021-12-30T08:20:00-08:00' + - vendor: Splunk + product: Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.2.0 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + last_updated: '2021-12-30T08:20:00-08:00' + - vendor: Splunk + product: Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.0.0 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + last_updated: '2021-12-30T08:20:00-08:00' + - vendor: Splunk + product: Splunk Application Performance Monitoring + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Connect for Kafka cves: @@ -6491,6 +6491,66 @@ software: references: - '' last_updated: '2021-12-30T08:20:00-08:00' + - vendor: Splunk + product: Splunk Infrastructure Monitoring + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + last_updated: '2021-12-30T08:20:00-08:00' + - vendor: Splunk + product: Splunk Log Observer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Logging Library for Java cves: @@ -6521,6 +6581,36 @@ software: references: - '' last_updated: '2021-12-30T08:20:00-08:00' + - vendor: Splunk + product: Splunk On-call / VictorOps + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/) cves: @@ -6581,66 +6671,6 @@ software: references: - '' last_updated: '2021-12-30T08:20:00-08:00' - - vendor: Splunk - product: Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 1.1.1 and older - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html - notes: '' - references: - - '' - last_updated: '2021-12-30T08:20:00-08:00' - - vendor: Splunk - product: Splunk On-call / VictorOps - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Current - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html - notes: '' - references: - - '' - last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Real User Monitoring cves: @@ -6672,7 +6702,7 @@ software: - '' last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk - product: Splunk Application Performance Monitoring + product: Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) cves: cve-2021-4104: investigated: false @@ -6682,67 +6712,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - Current - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html - notes: '' - references: - - '' - last_updated: '2021-12-30T08:20:00-08:00' - - vendor: Splunk - product: Splunk Infrastructure Monitoring - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Current - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html - notes: '' - references: - - '' - last_updated: '2021-12-30T08:20:00-08:00' - - vendor: Splunk - product: Splunk Log Observer - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - Current + - 3.0.0 and older fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -6822,6 +6792,36 @@ software: references: - '' last_updated: '2021-12-30T08:20:00-08:00' + - vendor: Splunk + product: Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.1.1 and older + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html + notes: '' + references: + - '' + last_updated: '2021-12-30T08:20:00-08:00' - vendor: Sprecher Automation product: '' cves: @@ -6997,383 +6997,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: DSD Edge - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: EndoDry - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: RapidAER - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: Endora - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: Canexis 1.0 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: ConnectoHIS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: ScopeBuddy+ - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: DSD-201, - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: CER Optima - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: Renatron - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: ConnectAssure Technology - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: SPM Surgical Asset Tracking Software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: CS-iQ Sterile Processing Workflow - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 2000 SERIES WASHER DISINFECTORS cves: @@ -7432,209 +7055,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: AMSCO 5000 SERIES WASHER DISINFECTORS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: AMSCO 7000 SERIES WASHER DISINFECTORS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: RELIANCE 444 WASHER DISINFECTOR - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: RELIANCE SYNERGY WASHER DISINFECTOR - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 400 MEDIUM STEAM STERILIZER cves: @@ -7693,6 +7113,35 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 5000 SERIES WASHER DISINFECTORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 600 MEDIUM STEAM STERILIZER cves: @@ -7722,6 +7171,35 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: AMSCO 7000 SERIES WASHER DISINFECTORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO CENTURY MEDIUM STEAM STERILIZER cves: @@ -7867,6 +7345,35 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Canexis 1.0 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: CELERITY HP INCUBATOR cves: @@ -7926,7 +7433,790 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: STERIS - product: VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS + product: CER Optima + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Clarity Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Connect Software + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: ConnectAssure Technology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: ConnectoHIS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: CS-iQ Sterile Processing Workflow + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: DSD Edge + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: DSD-201, + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: EndoDry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Endora + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Harmony iQ Integration Systems + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Harmony iQ Perspectives Image Management System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: HexaVue + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: HexaVue Integration System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: IDSS Integration System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RapidAER + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: ReadyTracker + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RealView Visual Workflow Management System + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE 444 WASHER DISINFECTOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE SYNERGY WASHER DISINFECTOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Renatron + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: ScopeBuddy+ + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: SecureCare ProConnect Technical Support Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: Situational Awareness for Everyone Display (S.A.F.E.) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: STERIS + product: SPM Surgical Asset Tracking Software cves: cve-2021-4104: investigated: false @@ -8129,297 +8419,7 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: STERIS - product: SecureCare ProConnect Technical Support Services - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: HexaVue Integration System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: IDSS Integration System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: Harmony iQ Integration Systems - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: HexaVue - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: Connect Software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: Harmony iQ Perspectives Image Management System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: Clarity Software - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: Situational Awareness for Everyone Display (S.A.F.E.) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: RealView Visual Workflow Management System - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: STERIS - product: ReadyTracker + product: VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS cves: cve-2021-4104: investigated: false diff --git a/data/cisagov_T.yml b/data/cisagov_T.yml index ff7a99e..de948b6 100644 --- a/data/cisagov_T.yml +++ b/data/cisagov_T.yml @@ -5,7 +5,7 @@ owners: url: https://github.com/cisagov/log4j-affected-db software: - vendor: Tableau - product: Tableau Server + product: Tableau Bridge cves: cve-2021-4104: investigated: false @@ -15,19 +15,19 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'The following versions and lower: 2021.4' - - 2021.3.4 - - 2021.2.5 - - 2021.1.8 - - 2020.4.11 - - 2020.3.14 - - 2020.2.19 - - 2020.1.22 - - 2019.4.25 - - 2019.3.26 - - 2019.2.29 - - 2019.1.29 - - 2018.3.29 + - 'The following versions and lower: 20214.21.1109.1748' + - 20213.21.1112.1434 + - 20212.21.0818.1843 + - 20211.21.0617.1133 + - 20204.21.0217.1203 + - 20203.20.0913.2112 + - 20202.20.0721.1350 + - 20201.20.0614.2321 + - 20194.20.0614.2307 + - 20193.20.0614.2306 + - 20192.19.0917.1648 + - 20191.19.0402.1911 + - 20183.19.0115.1143 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -191,7 +191,7 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: Tableau - product: Tableau Bridge + product: Tableau Server cves: cve-2021-4104: investigated: false @@ -201,19 +201,19 @@ software: cve-2021-44228: investigated: true affected_versions: - - 'The following versions and lower: 20214.21.1109.1748' - - 20213.21.1112.1434 - - 20212.21.0818.1843 - - 20211.21.0617.1133 - - 20204.21.0217.1203 - - 20203.20.0913.2112 - - 20202.20.0721.1350 - - 20201.20.0614.2321 - - 20194.20.0614.2307 - - 20193.20.0614.2306 - - 20192.19.0917.1648 - - 20191.19.0402.1911 - - 20183.19.0115.1143 + - 'The following versions and lower: 2021.4' + - 2021.3.4 + - 2021.2.5 + - 2021.1.8 + - 2020.4.11 + - 2020.3.14 + - 2020.2.19 + - 2020.1.22 + - 2019.4.25 + - 2019.3.26 + - 2019.2.29 + - 2019.1.29 + - 2018.3.29 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -556,6 +556,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:56+00:00' + - vendor: Thales + product: CADP/SafeNet Protect App (PA) - JCE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core cves: @@ -585,6 +614,64 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Batch Data Transformation (BDT) 2.3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Cloud Key Manager (CCKM) Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Cloud Key Manager (CCKM) Embedded cves: @@ -701,6 +788,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Vaultless Tokenization (CTS, CT-VL) cves: @@ -730,6 +846,64 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: CipherTrust/SafeNet PDBCTL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Crypto Command Center (CCC) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Data Protection on Demand cves: @@ -904,6 +1078,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: payShield Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Thales product: ProtectServer HSMs cves: @@ -963,7 +1166,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Thales - product: SafeNet IDPrime Virtual + product: SafeNet eToken (all products) cves: cve-2021-4104: investigated: false @@ -992,7 +1195,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Thales - product: SafeNet eToken (all products) + product: SafeNet IDPrime Virtual cves: cve-2021-4104: investigated: false @@ -1078,6 +1281,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: SafeNet PKCS#11 and TDE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet ProtectApp (PA) CAPI, .Net & Net Core cves: @@ -1136,6 +1368,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Safenet ProtectFile and ProtectFile- Fuse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet ProtectV cves: @@ -1166,7 +1427,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Thales - product: Safenet ProtectFile and ProtectFile- Fuse + product: SafeNet SQL EKM cves: cve-2021-4104: investigated: false @@ -1253,36 +1514,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Thales - product: SafeNet PKCS#11 and TDE - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: SafeNet SQL EKM + product: SafeNet Vaultless Tokenization cves: cve-2021-4104: investigated: false @@ -1339,122 +1571,6 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel EMS Enterprise OnPremise - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel ESDaaS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel Up - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel RMS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel Connect cves: @@ -1485,7 +1601,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Thales - product: Sentinel Superdog, SuperPro, UltraPro, SHK + product: Sentinel EMS Enterprise aaS cves: cve-2021-4104: investigated: false @@ -1514,7 +1630,7 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Thales - product: Sentinel HASP, Legacy dog, Maze, Hardlock + product: Sentinel EMS Enterprise OnPremise cves: cve-2021-4104: investigated: false @@ -1572,7 +1688,269 @@ software: - '' last_updated: '2021-12-17T00:00:00' - vendor: Thales - product: Thales payShield 9000 + product: Sentinel ESDaaS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel HASP, Legacy dog, Maze, Hardlock + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel LDK EMS (LDK-EMS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel LDKaas (LDK-EMS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel Professional Services components (both Thales hosted & hosted + on-premises by customers) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel RMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel SCL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel Superdog, SuperPro, UltraPro, SHK + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Sentinel Up + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Thales Data Platform (TDP)(DDC) cves: cve-2021-4104: investigated: false @@ -1629,6 +2007,35 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: Thales + product: Thales payShield 9000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Thales payShield Manager cves: @@ -1774,8 +2181,8 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: payShield Monitor + - vendor: Thermo Fisher Scientific + product: '' cves: cve-2021-4104: investigated: false @@ -1798,389 +2205,11 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 + - https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html notes: '' references: - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: CADP/SafeNet Protect App (PA) - JCE - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: CipherTrust Batch Data Transformation (BDT) 2.3 - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: CipherTrust Cloud Key Manager (CCKM) Appliance - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: CipherTrust/SafeNet PDBCTL - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Crypto Command Center (CCC) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: SafeNet Vaultless Tokenization - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel LDK EMS (LDK-EMS) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel LDKaas (LDK-EMS) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel EMS Enterprise aaS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel Professional Services components (both Thales hosted & hosted - on-premises by customers) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Sentinel SCL - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: Thales - product: Thales Data Platform (TDP)(DDC) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 - notes: '' - references: - - '' - last_updated: '2021-12-17T00:00:00' + last_updated: '2021-12-22T00:00:00' - vendor: Thermo-Calc product: Thermo-Calc cves: @@ -2302,35 +2331,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Thermo Fisher Scientific - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Thomson Reuters product: HighQ Appliance cves: @@ -2392,66 +2392,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:56+00:00' - - vendor: ThycoticCentrify - product: Secret Server - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md - notes: '' - references: - - '' - last_updated: '2021-12-10T00:00:00' - - vendor: ThycoticCentrify - product: Privilege Manager - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md - notes: '' - references: - - '' - last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: Account Lifecycle Manager cves: @@ -2483,37 +2423,7 @@ software: - '' last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify - product: Privileged Behavior Analytics - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - N/A - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md - notes: '' - references: - - '' - last_updated: '2021-12-10T00:00:00' - - vendor: ThycoticCentrify - product: DevOps Secrets Vault + product: Cloud Suite cves: cve-2021-4104: investigated: false @@ -2572,6 +2482,36 @@ software: references: - '' last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: DevOps Secrets Vault + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: Password Reset Server cves: @@ -2603,7 +2543,67 @@ software: - '' last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify - product: Cloud Suite + product: Privilege Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: Privileged Behavior Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - N/A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md + notes: '' + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: ThycoticCentrify + product: Secret Server cves: cve-2021-4104: investigated: false @@ -2952,10 +2952,40 @@ software: unaffected_versions: [] vendor_links: - https://docs.niagara-community.com/bundle/TechBulletin2021/resource/Dec_13_2021_NiagaraNotExposed_Apache_log4j.pdf - notes: Document access requires authentication. CISA is not able to validate vulnerability status. + notes: Document access requires authentication. CISA is not able to validate vulnerability + status. references: - '' last_updated: '2022-01-19T00:00:00' + - vendor: Trimble + product: eCognition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 10.2.0 Build 4618 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: Remediation steps provided by Trimble + references: + - '' + last_updated: '2021-12-23T00:00:00' - vendor: Tripp Lite product: LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX, SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces) @@ -2987,8 +3017,7 @@ software: - '' last_updated: '2022-01-04T00:00:00' - vendor: Tripp Lite - product: SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or - embedded SNMPWEBCARD + product: PowerAlert Local (PAL) cves: cve-2021-4104: investigated: false @@ -3012,12 +3041,13 @@ software: unaffected_versions: [] vendor_links: - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf - notes: '' + notes: Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 + vulnerability. references: - '' last_updated: '2022-01-04T00:00:00' - vendor: Tripp Lite - product: PowerAlert Local (PAL) + product: PowerAlert Network Management System (PANMS) cves: cve-2021-4104: investigated: false @@ -3077,7 +3107,39 @@ software: - '' last_updated: '2022-01-04T00:00:00' - vendor: Tripp Lite - product: PowerAlert Network Management System (PANMS) + product: PowerAlertElement Manager (PAEM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.0.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf + notes: Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which + will contain a patched version of Log4j2 + references: + - '' + last_updated: '2022-01-04T00:00:00' + - vendor: Tripp Lite + product: SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or + embedded SNMPWEBCARD cves: cve-2021-4104: investigated: false @@ -3101,8 +3163,7 @@ software: unaffected_versions: [] vendor_links: - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf - notes: Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 - vulnerability. + notes: '' references: - '' last_updated: '2022-01-04T00:00:00' @@ -3135,37 +3196,6 @@ software: references: - '' last_updated: '2022-01-04T00:00:00' - - vendor: Tripp Lite - product: PowerAlertElement Manager (PAEM) - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 1.0.0 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf - notes: Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which - will contain a patched version of Log4j2 - references: - - '' - last_updated: '2022-01-04T00:00:00' - vendor: Tripwire product: '' cves: @@ -3195,35 +3225,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:56+00:00' - - vendor: Trimble - product: eCognition - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 10.2.0 Build 4618 - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: [] - notes: Remediation steps provided by Trimble - references: - - '' - last_updated: '2021-12-23T00:00:00' - vendor: TrueNAS product: '' cves: diff --git a/data/cisagov_U.yml b/data/cisagov_U.yml index 7240ee1..0ce28f2 100644 --- a/data/cisagov_U.yml +++ b/data/cisagov_U.yml @@ -94,6 +94,36 @@ software: references: - '' last_updated: '2022-01-12T07:18:56+00:00' + - vendor: UiPath + product: InSights + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '20.10' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.uipath.com/legal/trust-and-security/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' - vendor: Umbraco product: '' cves: @@ -210,36 +240,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:56+00:00' - - vendor: UiPath - product: InSights - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - '20.10' - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.uipath.com/legal/trust-and-security/cve-2021-44228 - notes: '' - references: - - '' - last_updated: '2021-12-15T00:00:00' - vendor: USSIGNAL MSP product: '' cves: diff --git a/data/cisagov_V.yml b/data/cisagov_V.yml index 4d2e58d..9594d23 100644 --- a/data/cisagov_V.yml +++ b/data/cisagov_V.yml @@ -4,35 +4,6 @@ owners: - name: cisagov url: https://github.com/cisagov/log4j-affected-db software: - - vendor: VArmour - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:56+00:00' - vendor: Varian product: Acuity cves: @@ -63,36 +34,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Varian - product: DITC - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: - - All - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ARIA Connect (Cloverleaf) cves: @@ -123,96 +64,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Varian - product: ARIA oncology information system for Medical Oncology - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Varian - product: XMediusFax for ARIA oncology information system for Medical Oncology - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: - - All - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Varian - product: ARIA oncology information system for Radiation Oncology - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ARIA eDOC cves: @@ -244,7 +95,7 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: Varian - product: XMediusFax for ARIA oncology information system for Radiation Oncology + product: ARIA oncology information system for Medical Oncology cves: cve-2021-4104: investigated: false @@ -252,11 +103,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: - All + cve-2021-45046: + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ARIA oncology information system for Radiation Oncology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: false affected_versions: [] @@ -393,6 +274,36 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: DITC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: Varian product: DoseLab cves: @@ -573,6 +484,36 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: ICAP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Identify cves: @@ -694,7 +635,7 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: Varian - product: ICAP + product: Mobius3D platform cves: cve-2021-4104: investigated: false @@ -724,7 +665,7 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: Varian - product: Mobius3D platform + product: PaaS cves: cve-2021-4104: investigated: false @@ -933,36 +874,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Varian - product: PaaS - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Varian product: TrueBeam radiotherapy system cves: @@ -1234,6 +1145,95 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: XMediusFax for ARIA oncology information system for Medical Oncology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Varian + product: XMediusFax for ARIA oncology information system for Radiation Oncology + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: VArmour + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:56+00:00' - vendor: Varnish Software product: '' cves: @@ -1421,7 +1421,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] @@ -1678,6 +1678,71 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' + - vendor: VMware + product: vCenter Server - OVA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 7.x + - 6.7.x + - 6.5.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081 + )' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: VMware + product: vCenter Server - Windows + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.7.x + - 6.5.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.vmware.com/security/advisories/VMSA-2021-0028.html + notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096 + )' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: VMware product: VMware Carbon Black Cloud Workload Appliance cves: @@ -2291,71 +2356,6 @@ software: references: - '' last_updated: '2021-12-12T00:00:00' - - vendor: VMware - product: vCenter Server - OVA - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 7.x - - 6.7.x - - 6.5.x - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.vmware.com/security/advisories/VMSA-2021-0028.html - notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081 - )' - references: - - '' - last_updated: '2021-12-17T00:00:00' - - vendor: VMware - product: vCenter Server - Windows - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 6.7.x - - 6.5.x - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.vmware.com/security/advisories/VMSA-2021-0028.html - notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096 - )' - references: - - '' - last_updated: '2021-12-17T00:00:00' - vendor: VMware product: VMware vRealize Automation cves: @@ -2614,7 +2614,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: '' affected_versions: [] diff --git a/data/cisagov_W.yml b/data/cisagov_W.yml index f8b1dae..b1651d2 100644 --- a/data/cisagov_W.yml +++ b/data/cisagov_W.yml @@ -150,36 +150,6 @@ software: references: - '' last_updated: '2022-01-12T07:18:56+00:00' - - vendor: WIBU Systems - product: CodeMeter Keyring for TIA Portal - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: - - 1.30 and prior - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf - notes: Only the Password Manager is affected - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: WIBU Systems product: CodeMeter Cloud Lite cves: @@ -210,6 +180,36 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: WIBU Systems + product: CodeMeter Keyring for TIA Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 1.30 and prior + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf + notes: Only the Password Manager is affected + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: WindRiver product: '' cves: diff --git a/data/cisagov_X.yml b/data/cisagov_X.yml index 1235c42..e2f18a2 100644 --- a/data/cisagov_X.yml +++ b/data/cisagov_X.yml @@ -236,6 +236,35 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' + - vendor: Xylem + product: Configuration change complete + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus Analytics cves: @@ -411,7 +440,7 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: Xylem - product: Sensus RNI Saas + product: Sensus RNI On Prem cves: cve-2021-4104: investigated: false @@ -443,7 +472,7 @@ software: - '' last_updated: '2021-12-22T00:00:00' - vendor: Xylem - product: Sensus RNI On Prem + product: Sensus RNI Saas cves: cve-2021-4104: investigated: false @@ -561,35 +590,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Xylem - product: Configuration change complete - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf - notes: '' - references: - - '' - last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Xylem Cloud cves: From 1905279e0adf7be15a6d66d6b4749c1aed6a56d2 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Mon, 24 Jan 2022 17:40:46 -0500 Subject: [PATCH 05/10] Add files from the data reintegration process Add the files that were updated as part of the reintegration process. This process involved rebasing back to the original YAML conversion, updating those files, and then stepping through the rebase to integrate changes that have been made since. --- data/cisagov_B.yml | 16 +- data/cisagov_C.yml | 414 +++---- data/cisagov_D.yml | 40 +- data/cisagov_E.yml | 36 +- data/cisagov_F.yml | 136 +-- data/cisagov_G.yml | 52 +- data/cisagov_H.yml | 46 +- data/cisagov_I.yml | 58 +- data/cisagov_J.yml | 58 +- data/cisagov_K.yml | 22 +- data/cisagov_L.yml | 52 +- data/cisagov_M.yml | 66 +- data/cisagov_N.yml | 38 +- data/cisagov_O.yml | 30 +- data/cisagov_P.yml | 2748 ++++++++++++++++++++++++++++++++++++++++++ data/cisagov_Q.yml | 14 +- data/cisagov_R.yml | 2857 +++++++++++++++++++++++++++++++++++++++++++- data/cisagov_S.yml | 138 +-- data/cisagov_T.yml | 38 +- data/cisagov_U.yml | 14 +- data/cisagov_V.yml | 14 +- data/cisagov_W.yml | 24 +- data/cisagov_X.yml | 12 +- data/cisagov_Y.yml | 6 +- data/cisagov_Z.yml | 22 +- 25 files changed, 6277 insertions(+), 674 deletions(-) diff --git a/data/cisagov_B.yml b/data/cisagov_B.yml index 96dd688..5cb247d 100644 --- a/data/cisagov_B.yml +++ b/data/cisagov_B.yml @@ -4067,7 +4067,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Symantec Protection Engine (SPE) cves: @@ -4096,7 +4096,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Symantec Protection for SharePoint Servers (SPSS) cves: @@ -4125,7 +4125,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: VIP cves: @@ -4154,7 +4154,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: VIP Authentication Hub cves: @@ -4183,7 +4183,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Web Isolation (WI) cves: @@ -4212,7 +4212,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Web Security Service (WSS) cves: @@ -4241,7 +4241,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: WebPulse cves: @@ -4270,5 +4270,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_C.yml b/data/cisagov_C.yml index 60b11b6..b24be77 100644 --- a/data/cisagov_C.yml +++ b/data/cisagov_C.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Campbell Scientific product: All cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Canary Labs product: All cves: @@ -408,7 +408,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Carestream product: '' cves: @@ -466,7 +466,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CAS genesisWorld product: '' cves: @@ -495,7 +495,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cato Networks product: '' cves: @@ -524,7 +524,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cepheid product: C360 cves: @@ -611,7 +611,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Chaser Systems product: discrimiNAT Firewall cves: @@ -641,7 +641,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: CloudGuard cves: @@ -671,7 +671,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Harmony Endpoint & Harmony Mobile cves: @@ -701,7 +701,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Infinity Portal cves: @@ -730,7 +730,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Quantum Security Gateway cves: @@ -760,7 +760,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Quantum Security Management cves: @@ -791,7 +791,7 @@ software: this attack by default. references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: SMB cves: @@ -821,7 +821,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: ThreatCloud cves: @@ -850,7 +850,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CheckMK product: '' cves: @@ -879,7 +879,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ciphermail product: '' cves: @@ -908,7 +908,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CircleCI product: CircleCI cves: @@ -966,7 +966,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: AppDynamics cves: @@ -995,7 +995,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ACI Multi-Site Orchestrator cves: @@ -1024,7 +1024,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ACI Virtual Edge cves: @@ -1053,7 +1053,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Adaptive Security Appliance (ASA) Software cves: @@ -1082,7 +1082,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Advanced Web Security Reporting Application cves: @@ -1111,7 +1111,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco AMP Virtual Private Cloud Appliance cves: @@ -1140,7 +1140,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco AnyConnect Secure Mobility Client cves: @@ -1169,7 +1169,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Application Policy Infrastructure Controller (APIC) cves: @@ -1198,7 +1198,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ASR 5000 Series Routers cves: @@ -1227,7 +1227,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Broadcloud Calling cves: @@ -1256,7 +1256,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco BroadWorks cves: @@ -1285,7 +1285,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Catalyst 9800 Series Wireless Controllers cves: @@ -1314,7 +1314,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CloudCenter Suite Admin cves: @@ -1343,7 +1343,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CloudCenter Workload Manager cves: @@ -1372,7 +1372,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Cognitive Intelligence cves: @@ -1401,7 +1401,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Common Services Platform Collector cves: @@ -1430,7 +1430,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Computer Telephony Integration Object Server (CTIOS) cves: @@ -1459,7 +1459,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connected Grid Device Manager cves: @@ -1488,7 +1488,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connected Mobile Experiences cves: @@ -1517,7 +1517,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connectivity cves: @@ -1546,7 +1546,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Contact Center Domain Manager (CCDM) cves: @@ -1575,7 +1575,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Contact Center Management Portal (CCMP) cves: @@ -1604,7 +1604,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Crosswork Change Automation cves: @@ -1633,7 +1633,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CX Cloud Agent Software cves: @@ -1662,7 +1662,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Data Center Network Manager (DCNM) cves: @@ -1691,7 +1691,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Defense Orchestrator cves: @@ -1720,7 +1720,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Assurance cves: @@ -1749,7 +1749,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Center cves: @@ -1778,7 +1778,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Spaces cves: @@ -1807,7 +1807,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Elastic Services Controller (ESC) cves: @@ -1836,7 +1836,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Emergency Responder cves: @@ -1865,7 +1865,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Enterprise Chat and Email cves: @@ -1894,7 +1894,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Enterprise NFV Infrastructure Software (NFVIS) cves: @@ -1923,7 +1923,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Evolved Programmable Network Manager cves: @@ -1952,7 +1952,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Extensible Network Controller (XNC) cves: @@ -1981,7 +1981,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Finesse cves: @@ -2010,7 +2010,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Firepower Management Center cves: @@ -2039,7 +2039,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Firepower Threat Defense (FTD) cves: @@ -2068,7 +2068,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco GGSN Gateway GPRS Support Node cves: @@ -2097,7 +2097,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco HyperFlex System cves: @@ -2126,7 +2126,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Identity Services Engine (ISE) cves: @@ -2155,7 +2155,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Integrated Management Controller (IMC) Supervisor cves: @@ -2184,7 +2184,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Intersight cves: @@ -2213,7 +2213,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Intersight Virtual Appliance cves: @@ -2242,7 +2242,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IOS and IOS XE Software cves: @@ -2271,7 +2271,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) @@ -2301,7 +2301,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IoT Operations Dashboard cves: @@ -2330,7 +2330,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IOx Fog Director cves: @@ -2359,7 +2359,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IP Services Gateway (IPSG) cves: @@ -2388,7 +2388,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Kinetic for Cities cves: @@ -2417,7 +2417,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco MDS 9000 Series Multilayer Switches cves: @@ -2446,7 +2446,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Meeting Server cves: @@ -2475,7 +2475,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco MME Mobility Management Entity cves: @@ -2504,7 +2504,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Modeling Labs cves: @@ -2533,7 +2533,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Assessment (CNA) Tool cves: @@ -2562,7 +2562,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Assurance Engine cves: @@ -2591,7 +2591,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Convergence System 2000 Series cves: @@ -2620,7 +2620,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Planner cves: @@ -2649,7 +2649,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Services Orchestrator (NSO) cves: @@ -2678,7 +2678,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 5500 Platform Switches cves: @@ -2707,7 +2707,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 5600 Platform Switches cves: @@ -2736,7 +2736,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 6000 Series Switches cves: @@ -2765,7 +2765,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 7000 Series Switches cves: @@ -2794,7 +2794,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode @@ -2824,7 +2824,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Dashboard (formerly Cisco Application Services Engine) cves: @@ -2853,7 +2853,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Data Broker cves: @@ -2882,7 +2882,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Insights cves: @@ -2911,7 +2911,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Optical Network Planner cves: @@ -2940,7 +2940,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Packaged Contact Center Enterprise cves: @@ -2969,7 +2969,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Paging Server cves: @@ -2998,7 +2998,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Paging Server (InformaCast) cves: @@ -3027,7 +3027,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco PDSN/HA Packet Data Serving Node and Home Agent cves: @@ -3056,7 +3056,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco PGW Packet Data Network Gateway cves: @@ -3085,7 +3085,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Policy Suite cves: @@ -3114,7 +3114,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Central for Service Providers cves: @@ -3143,7 +3143,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Collaboration Manager cves: @@ -3172,7 +3172,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Collaboration Provisioning cves: @@ -3201,7 +3201,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Infrastructure cves: @@ -3230,7 +3230,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime License Manager cves: @@ -3259,7 +3259,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Network cves: @@ -3288,7 +3288,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Optical for Service Providers cves: @@ -3317,7 +3317,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Provisioning cves: @@ -3346,7 +3346,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Service Catalog cves: @@ -3375,7 +3375,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Registered Envelope Service cves: @@ -3404,7 +3404,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 1000 Series Routers cves: @@ -3433,7 +3433,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 2000 Series Routers cves: @@ -3462,7 +3462,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 5000 Series Routers cves: @@ -3491,7 +3491,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge Cloud Router Platform cves: @@ -3520,7 +3520,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vManage cves: @@ -3549,7 +3549,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Secure Network Analytics (SNA), formerly Stealthwatch cves: @@ -3578,7 +3578,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SocialMiner cves: @@ -3607,7 +3607,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco System Architecture Evolution Gateway (SAEGW) cves: @@ -3636,7 +3636,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco TelePresence Management Suite cves: @@ -3665,7 +3665,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco UCS Director cves: @@ -3694,7 +3694,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco UCS Performance Manager cves: @@ -3723,7 +3723,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Umbrella cves: @@ -3752,7 +3752,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Advanced cves: @@ -3781,7 +3781,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Business Edition cves: @@ -3810,7 +3810,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Department Edition cves: @@ -3839,7 +3839,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Enterprise Edition cves: @@ -3868,7 +3868,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Premium Edition cves: @@ -3897,7 +3897,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Communications Manager Cloud cves: @@ -3926,7 +3926,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise cves: @@ -3955,7 +3955,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise - Live Data server cves: @@ -3984,7 +3984,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Express cves: @@ -4013,7 +4013,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Intelligent Contact Management Enterprise cves: @@ -4042,7 +4042,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified SIP Proxy Software cves: @@ -4071,7 +4071,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Video Surveillance Operations Manager cves: @@ -4100,7 +4100,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM cves: @@ -4129,7 +4129,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Virtualized Voice Browser cves: @@ -4158,7 +4158,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Vision Dynamic Signage Director cves: @@ -4187,7 +4187,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco WAN Automation Engine (WAE) cves: @@ -4216,7 +4216,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Web Security Appliance (WSA) cves: @@ -4245,7 +4245,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Cloud-Connected UC (CCUC) cves: @@ -4274,7 +4274,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Meetings Server cves: @@ -4303,7 +4303,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Teams cves: @@ -4332,7 +4332,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Wide Area Application Services (WAAS) cves: @@ -4361,7 +4361,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Duo cves: @@ -4390,7 +4390,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: DUO network gateway (on-prem/self-hosted) cves: @@ -4418,7 +4418,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: duo network gateway (on-prem/self-hosted) cves: @@ -4446,7 +4446,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Exony Virtualized Interaction Manager (VIM) cves: @@ -4475,7 +4475,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Managed Services Accelerator (MSX) Network Access Control Service cves: @@ -4504,7 +4504,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Citrix product: Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) cves: @@ -4941,7 +4941,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: AM2CM Tool cves: @@ -4970,7 +4970,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Ambari cves: @@ -5001,7 +5001,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Arcadia Enterprise cves: @@ -5031,7 +5031,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDH, HDP, and HDF cves: @@ -5061,7 +5061,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDP Operational Database (COD) cves: @@ -5090,7 +5090,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDP Private Cloud Base cves: @@ -5120,7 +5120,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDS 3 Powered by Apache Spark cves: @@ -5150,7 +5150,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDS 3.2 for GPUs cves: @@ -5180,7 +5180,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Cybersecurity Platform cves: @@ -5210,7 +5210,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -5239,7 +5239,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -5269,7 +5269,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Flow (CFM) cves: @@ -5298,7 +5298,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Science Workbench (CDSW) cves: @@ -5329,7 +5329,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Visualization (CDV) cves: @@ -5358,7 +5358,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -5387,7 +5387,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -5417,7 +5417,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera DataFlow (CDF) cves: @@ -5446,7 +5446,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Edge Management (CEM) cves: @@ -5476,7 +5476,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Enterprise cves: @@ -5506,7 +5506,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Flow Management (CFM) cves: @@ -5536,7 +5536,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -5565,7 +5565,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -5595,7 +5595,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -5626,7 +5626,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -5659,7 +5659,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR)) cves: @@ -5688,7 +5688,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) cves: @@ -5720,7 +5720,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Stream Processing (CSP) cves: @@ -5750,7 +5750,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -5779,7 +5779,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -5808,7 +5808,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Analytics Studio (DAS) cves: @@ -5837,7 +5837,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Catalog cves: @@ -5866,7 +5866,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Lifecycle Manager (DLM) cves: @@ -5895,7 +5895,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Steward Studio (DSS) cves: @@ -5925,7 +5925,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks Data Flow (HDF) cves: @@ -5954,7 +5954,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks Data Platform (HDP) cves: @@ -5986,7 +5986,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks DataPlane Platform cves: @@ -6015,7 +6015,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Management Console cves: @@ -6045,7 +6045,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Management Console for CDP Public Cloud cves: @@ -6074,7 +6074,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Replication Manager cves: @@ -6103,7 +6103,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: SmartSense cves: @@ -6132,7 +6132,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload Manager cves: @@ -6161,7 +6161,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload XM cves: @@ -6191,7 +6191,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload XM (SaaS) cves: @@ -6220,7 +6220,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CloudFlare product: '' cves: @@ -6249,7 +6249,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudian HyperStore product: '' cves: @@ -6278,7 +6278,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudogu product: Ecosystem cves: @@ -6308,7 +6308,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudogu product: SCM-Manager cves: @@ -6337,7 +6337,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudron product: '' cves: @@ -6366,7 +6366,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Clover product: '' cves: @@ -6395,7 +6395,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Code42 product: Code42 App cves: @@ -6486,7 +6486,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Codesys product: '' cves: @@ -6515,7 +6515,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cohesity product: '' cves: @@ -6544,7 +6544,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CommVault product: '' cves: @@ -6573,7 +6573,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Concourse product: Concourse cves: @@ -6602,7 +6602,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ConcreteCMS.com product: '' cves: @@ -6631,7 +6631,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Confluent product: Confluent Cloud cves: @@ -6960,7 +6960,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ConnectWise product: '' cves: @@ -6989,7 +6989,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ContrastSecurity product: '' cves: @@ -7018,7 +7018,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ControlUp product: '' cves: @@ -7047,7 +7047,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: COPADATA product: All cves: @@ -7105,7 +7105,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CPanel product: '' cves: @@ -7134,7 +7134,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cradlepoint product: '' cves: @@ -7163,7 +7163,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Crestron product: '' cves: @@ -7221,7 +7221,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CryptShare product: '' cves: @@ -7250,7 +7250,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CyberArk product: Privileged Threat Analytics (PTA) cves: @@ -7310,7 +7310,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CyberRes product: '' cves: @@ -7339,5 +7339,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_D.yml b/data/cisagov_D.yml index 1a63d55..f8738da 100644 --- a/data/cisagov_D.yml +++ b/data/cisagov_D.yml @@ -615,7 +615,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dassault Systèmes product: '' cves: @@ -644,7 +644,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Databricks product: '' cves: @@ -673,7 +673,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datadog product: Datadog Agent cves: @@ -706,7 +706,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dataminer product: '' cves: @@ -735,7 +735,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datev product: '' cves: @@ -764,7 +764,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datto product: '' cves: @@ -793,7 +793,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: dCache.org product: '' cves: @@ -822,7 +822,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Debian product: '' cves: @@ -851,7 +851,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Deepinstinct product: '' cves: @@ -880,7 +880,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dell product: '"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"' cves: @@ -8305,7 +8305,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Device42 product: '' cves: @@ -8334,7 +8334,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Devolutions product: All products cves: @@ -8363,7 +8363,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Diebold Nixdorf product: '' cves: @@ -8392,7 +8392,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digi International product: AnywhereUSB Manager cves: @@ -9552,7 +9552,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digital AI product: '' cves: @@ -9581,7 +9581,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digital Alert Systems product: All cves: @@ -9639,7 +9639,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Docker product: '' cves: @@ -9668,7 +9668,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Docusign product: '' cves: @@ -9697,7 +9697,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: DrayTek product: Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform @@ -9756,7 +9756,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dynatrace product: ActiveGate cves: diff --git a/data/cisagov_E.yml b/data/cisagov_E.yml index 8643da5..1578987 100644 --- a/data/cisagov_E.yml +++ b/data/cisagov_E.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Eaton product: Undisclosed cves: @@ -64,7 +64,7 @@ software: wall. references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: EclecticIQ product: '' cves: @@ -93,7 +93,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Eclipse Foundation product: '' cves: @@ -122,7 +122,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Edwards product: '' cves: @@ -180,7 +180,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: EGroupware product: '' cves: @@ -209,7 +209,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Elastic product: APM Java Agent cves: @@ -793,7 +793,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ellucian product: Admin cves: @@ -4249,7 +4249,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ESET product: '' cves: @@ -4278,7 +4278,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ESRI product: ArcGIS Data Store cves: @@ -4493,7 +4493,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Evolveum Midpoint product: '' cves: @@ -4522,7 +4522,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ewon product: '' cves: @@ -4551,7 +4551,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exabeam product: '' cves: @@ -4581,7 +4581,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exact product: '' cves: @@ -4610,7 +4610,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exivity product: '' cves: @@ -4639,7 +4639,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ExtraHop product: Reveal(x) cves: @@ -4700,7 +4700,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Extreme Networks product: '' cves: @@ -4729,7 +4729,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Extron product: '' cves: @@ -4758,5 +4758,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_F.yml b/data/cisagov_F.yml index 054ebe8..8598911 100644 --- a/data/cisagov_F.yml +++ b/data/cisagov_F.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Endpoint Proxy cves: @@ -62,7 +62,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Messaging Security Gateway cves: @@ -91,7 +91,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Policy Manager cves: @@ -121,7 +121,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Policy Manager Proxy cves: @@ -151,7 +151,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: BIG-IP (all modules) cves: @@ -181,7 +181,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: BIG-IQ Centralized Management cves: @@ -211,7 +211,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: F5OS cves: @@ -241,7 +241,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX App Protect cves: @@ -271,7 +271,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Controller cves: @@ -301,7 +301,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Ingress Controller cves: @@ -331,7 +331,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Instance Manager cves: @@ -361,7 +361,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Open Source cves: @@ -391,7 +391,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Plus cves: @@ -421,7 +421,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Service Mesh cves: @@ -451,7 +451,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Unit cves: @@ -481,7 +481,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: Traffix SDC cves: @@ -513,7 +513,7 @@ software: Kibana), Element Management System' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FAST LTA product: '' cves: @@ -542,7 +542,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fastly product: '' cves: @@ -571,7 +571,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FedEx product: Ship Manager Software cves: @@ -668,7 +668,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileCatalyst product: '' cves: @@ -697,7 +697,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileCloud product: '' cves: @@ -726,7 +726,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileWave product: '' cves: @@ -755,7 +755,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FINVI product: '' cves: @@ -784,7 +784,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FireDaemon product: '' cves: @@ -813,7 +813,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fisher & Paykel Healthcare product: '' cves: @@ -871,7 +871,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Flexera product: '' cves: @@ -900,7 +900,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: DLP Manager cves: @@ -929,7 +929,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Forcepoint Cloud Security Gateway (CSG) cves: @@ -958,7 +958,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Next Generation Firewall (NGFW) cves: @@ -987,7 +987,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder @@ -1017,7 +1017,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: One Endpoint cves: @@ -1046,7 +1046,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Security Manager (Web, Email and DLP) cves: @@ -1075,7 +1075,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forescout product: '' cves: @@ -1104,7 +1104,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ForgeRock product: Autonomous Identity cves: @@ -1133,7 +1133,7 @@ software: notes: all other ForgeRock products Not vulnerable references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAIOps cves: @@ -1162,7 +1162,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAnalyzer cves: @@ -1191,7 +1191,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAnalyzer Cloud cves: @@ -1220,7 +1220,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAP cves: @@ -1249,7 +1249,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAuthenticator cves: @@ -1278,7 +1278,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiCASB cves: @@ -1307,7 +1307,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiConvertor cves: @@ -1336,7 +1336,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiDeceptor cves: @@ -1365,7 +1365,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiEDR Agent cves: @@ -1394,7 +1394,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiEDR Cloud cves: @@ -1423,7 +1423,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiGate Cloud cves: @@ -1452,7 +1452,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiGSLB Cloud cves: @@ -1481,7 +1481,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiMail cves: @@ -1510,7 +1510,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiManager cves: @@ -1539,7 +1539,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiManager Cloud cves: @@ -1568,7 +1568,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -1597,7 +1597,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -1626,7 +1626,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiOS (includes FortiGate & FortiWiFi) cves: @@ -1655,7 +1655,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPhish Cloud cves: @@ -1684,7 +1684,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPolicy cves: @@ -1713,7 +1713,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPortal cves: @@ -1742,7 +1742,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiRecorder cves: @@ -1771,7 +1771,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSIEM cves: @@ -1800,7 +1800,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSOAR cves: @@ -1829,7 +1829,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSwicth Cloud in FortiLANCloud cves: @@ -1858,7 +1858,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSwitch & FortiSwitchManager cves: @@ -1887,7 +1887,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiToken Cloud cves: @@ -1916,7 +1916,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiVoice cves: @@ -1945,7 +1945,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiWeb Cloud cves: @@ -1974,7 +1974,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: ShieldX cves: @@ -2003,7 +2003,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FTAPI product: '' cves: @@ -2032,7 +2032,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fujitsu product: '' cves: @@ -2061,7 +2061,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FusionAuth product: FusionAuth cves: @@ -2091,5 +2091,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_G.yml b/data/cisagov_G.yml index dce5a0e..88012b6 100644 --- a/data/cisagov_G.yml +++ b/data/cisagov_G.yml @@ -270,7 +270,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Genesys product: '' cves: @@ -299,7 +299,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GeoServer product: '' cves: @@ -328,7 +328,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gerrit code review product: '' cves: @@ -357,7 +357,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GFI product: '' cves: @@ -386,7 +386,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ghidra product: '' cves: @@ -415,7 +415,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gigamon product: Fabric Manager cves: @@ -505,7 +505,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Globus product: '' cves: @@ -534,7 +534,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GoAnywhere product: Gateway cves: @@ -4657,7 +4657,7 @@ software: notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise cves: @@ -4687,7 +4687,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise Build Cache Node cves: @@ -4717,7 +4717,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise Test Distribution Agent cves: @@ -4747,7 +4747,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Grafana product: '' cves: @@ -4776,7 +4776,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Grandstream product: '' cves: @@ -4805,7 +4805,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Access Management cves: @@ -4835,7 +4835,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Access Management cves: @@ -4865,7 +4865,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -4895,7 +4895,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -4925,7 +4925,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: API Management cves: @@ -4955,7 +4955,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: API Management cves: @@ -4985,7 +4985,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Cockpit cves: @@ -5015,7 +5015,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee.io product: '' cves: @@ -5044,7 +5044,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravwell product: '' cves: @@ -5073,7 +5073,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Graylog product: Graylog Server cves: @@ -5103,7 +5103,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GreenShot product: '' cves: @@ -5132,7 +5132,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GSA product: Cloud.gov cves: @@ -5190,5 +5190,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_H.yml b/data/cisagov_H.yml index 31674d6..b9d31cf 100644 --- a/data/cisagov_H.yml +++ b/data/cisagov_H.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HarmanPro AMX product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Boundary cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Consul cves: @@ -119,7 +119,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Consul Enterprise cves: @@ -148,7 +148,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Nomad cves: @@ -177,7 +177,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Nomad Enterprise cves: @@ -206,7 +206,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Packer cves: @@ -235,7 +235,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Terraform cves: @@ -264,7 +264,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Terraform Enterprise cves: @@ -293,7 +293,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vagrant cves: @@ -322,7 +322,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vault cves: @@ -351,7 +351,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vault Enterprise cves: @@ -380,7 +380,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Waypoint cves: @@ -409,7 +409,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HCL Software product: BigFix Compliance cves: @@ -648,7 +648,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HENIX product: Squash TM cves: @@ -709,7 +709,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hikvision product: '' cves: @@ -738,7 +738,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hitachi Energy product: 3rd party - Elastic Search, Kibana cves: @@ -925,7 +925,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hitachi Energy product: FOXMAN-UN cves: @@ -1332,7 +1332,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HMS Industrial Networks AB product: Cosy, Flexy and Ewon CD cves: @@ -2006,7 +2006,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HP product: Teradici Cloud Access Controller cves: @@ -5387,7 +5387,7 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] @@ -5958,7 +5958,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hubspot product: '' cves: @@ -5987,5 +5987,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_I.yml b/data/cisagov_I.yml index f07aca1..557f031 100644 --- a/data/cisagov_I.yml +++ b/data/cisagov_I.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: I2P product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBA-AG product: '' cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ibexa product: '' cves: @@ -119,7 +119,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Analytics Engine cves: @@ -437,7 +437,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: BigFix Inventory cves: @@ -468,7 +468,7 @@ software: of log4j is included. Version is included in the name of the library. references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Block Storage cves: @@ -3198,7 +3198,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Mass Data Migration cves: @@ -3808,7 +3808,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Robotic Process Automation cves: @@ -4010,7 +4010,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Spectrum Archive Library Edition cves: @@ -5663,7 +5663,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IGEL product: '' cves: @@ -5692,7 +5692,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ignite Realtime product: '' cves: @@ -5721,7 +5721,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: iGrafx product: '' cves: @@ -5750,7 +5750,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Illuminated Cloud product: '' cves: @@ -5779,7 +5779,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Illumio product: C-VEN cves: @@ -6185,7 +6185,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Imperva product: '' cves: @@ -6214,7 +6214,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Inductive Automation product: Ignition cves: @@ -6274,7 +6274,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: infinidat product: '' cves: @@ -6303,7 +6303,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: InfluxData product: '' cves: @@ -6332,7 +6332,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Infoblox product: '' cves: @@ -6361,7 +6361,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Informatica product: '' cves: @@ -6390,7 +6390,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Instana product: '' cves: @@ -6419,7 +6419,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Instructure product: '' cves: @@ -6448,7 +6448,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Intel product: Audio Development Kit cves: @@ -6828,7 +6828,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Intland product: codebeamer cves: @@ -6860,7 +6860,7 @@ software: and [21.09](https://codebeamer.com/cb/wiki/19418497), but not yet for [21.04](https://codebeamer.com/cb/wiki/16937839) references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IPRO product: Netgovern cves: @@ -6888,7 +6888,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: iRedMail product: '' cves: @@ -6917,7 +6917,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ironnet product: '' cves: @@ -6946,7 +6946,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ISLONLINE product: '' cves: @@ -6975,7 +6975,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ivanti product: Application Control for Linux cves: diff --git a/data/cisagov_J.yml b/data/cisagov_J.yml index c5139ee..d58b98c 100644 --- a/data/cisagov_J.yml +++ b/data/cisagov_J.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jamf product: Jamf Pro cves: @@ -62,7 +62,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Janitza product: GridVis cves: @@ -121,7 +121,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jedox product: '' cves: @@ -150,7 +150,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jenkins product: CI/CD Core cves: @@ -178,7 +178,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jenkins product: Plugins cves: @@ -238,7 +238,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jetbrains product: Code With Me cves: @@ -268,7 +268,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Datalore cves: @@ -298,7 +298,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Floating license server cves: @@ -328,7 +328,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Gateway cves: @@ -358,7 +358,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Hub cves: @@ -388,7 +388,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, @@ -420,7 +420,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Kotlin cves: @@ -450,7 +450,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Ktor cves: @@ -480,7 +480,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: MPS cves: @@ -510,7 +510,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Space cves: @@ -540,7 +540,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: TeamCity cves: @@ -570,7 +570,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: ToolBox cves: @@ -600,7 +600,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: UpSource cves: @@ -630,7 +630,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: YouTrack InCloud cves: @@ -660,7 +660,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: YouTrack Standalone cves: @@ -690,7 +690,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JFROG product: '' cves: @@ -719,7 +719,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jitsi product: '' cves: @@ -748,7 +748,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jitterbit product: '' cves: @@ -777,7 +777,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Johnson Controls product: BCPro cves: @@ -1646,7 +1646,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: jPOS product: (ISO-8583) bridge cves: @@ -1676,7 +1676,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jump Desktop product: '' cves: @@ -1705,7 +1705,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Juniper Networks product: '' cves: @@ -1734,7 +1734,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Justice Systems product: '' cves: @@ -1763,5 +1763,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_K.yml b/data/cisagov_K.yml index 79eb59c..7149f4a 100644 --- a/data/cisagov_K.yml +++ b/data/cisagov_K.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: K6 product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Karakun product: '' cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kaseya product: '' cves: @@ -119,7 +119,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Keeper Security product: '' cves: @@ -148,7 +148,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: KEMP product: '' cves: @@ -177,7 +177,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: KEMP 2 product: '' cves: @@ -206,7 +206,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kofax product: '' cves: @@ -235,7 +235,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Konica Minolta product: '' cves: @@ -264,7 +264,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kronos UKG product: '' cves: @@ -293,7 +293,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kyberna product: '' cves: @@ -322,5 +322,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_L.yml b/data/cisagov_L.yml index ee4821e..a1ffc81 100644 --- a/data/cisagov_L.yml +++ b/data/cisagov_L.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: L3Harris Geospatial product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lancom Systems product: '' cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lansweeper product: '' cves: @@ -119,7 +119,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Laserfiche product: '' cves: @@ -148,7 +148,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LastPass product: '' cves: @@ -177,7 +177,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LaunchDarkly product: '' cves: @@ -206,7 +206,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Leanix product: '' cves: @@ -235,7 +235,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Leica BIOSYSTEMS product: Aperio AT2 cves: @@ -2415,7 +2415,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Let's Encrypt product: '' cves: @@ -2444,7 +2444,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LibreNMS product: '' cves: @@ -2473,7 +2473,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LifeRay product: '' cves: @@ -2502,7 +2502,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LifeSize product: '' cves: @@ -2531,7 +2531,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lightbend product: '' cves: @@ -2560,7 +2560,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lime CRM product: '' cves: @@ -2589,7 +2589,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LIONGARD product: '' cves: @@ -2618,7 +2618,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LiquidFiles product: '' cves: @@ -2647,7 +2647,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LiveAction product: '' cves: @@ -2676,7 +2676,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Loftware product: '' cves: @@ -2705,7 +2705,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LOGalyze product: SIEM & log analyzer tool cves: @@ -2766,7 +2766,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogicMonitor product: LogicMonitor Platform cves: @@ -2795,7 +2795,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogMeIn product: '' cves: @@ -2824,7 +2824,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogRhythm product: '' cves: @@ -2853,7 +2853,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Looker product: Looker cves: @@ -2888,7 +2888,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LucaNet product: '' cves: @@ -2917,7 +2917,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lucee product: '' cves: @@ -2946,7 +2946,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lyrasis product: Fedora Repository cves: diff --git a/data/cisagov_M.yml b/data/cisagov_M.yml index 42ad7ab..b87271f 100644 --- a/data/cisagov_M.yml +++ b/data/cisagov_M.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Maltego product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ManageEngine product: AD SelfService Plus cves: @@ -149,7 +149,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ManageEngine Zoho product: ADAudit Plus cves: @@ -526,7 +526,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MathWorks product: All MathWorks general release desktop or server products cves: @@ -644,7 +644,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mattermost FocalBoard product: '' cves: @@ -673,7 +673,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: McAfee product: Data Exchange Layer (DXL) Client cves: @@ -1549,7 +1549,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MEINBERG product: LANTIME and microSync cves: @@ -1607,7 +1607,7 @@ software: notes: Project is written in Python references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Memurai product: '' cves: @@ -1704,7 +1704,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Application Gateway cves: @@ -1733,7 +1733,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -1763,7 +1763,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -1793,7 +1793,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure DevOps cves: @@ -1822,7 +1822,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure DevOps Server cves: @@ -1852,7 +1852,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Traffic Manager cves: @@ -1881,7 +1881,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Team Foundation Server cves: @@ -1911,7 +1911,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microstrategy product: '' cves: @@ -1998,7 +1998,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Milestone sys product: '' cves: @@ -2027,7 +2027,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mimecast product: '' cves: @@ -2056,7 +2056,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Minecraft product: '' cves: @@ -2085,7 +2085,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mirantis product: '' cves: @@ -2114,7 +2114,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Miro product: '' cves: @@ -2143,7 +2143,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mitel product: '' cves: @@ -2172,7 +2172,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MMM Group product: Control software of all MMM series cves: @@ -2260,7 +2260,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Atlas Search cves: @@ -2289,7 +2289,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) @@ -2319,7 +2319,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Drivers cves: @@ -2348,7 +2348,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) @@ -2378,7 +2378,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) cves: @@ -2407,7 +2407,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) @@ -2437,7 +2437,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Moodle product: '' cves: @@ -2466,7 +2466,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MoogSoft product: '' cves: @@ -2495,7 +2495,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Motorola Avigilon product: '' cves: @@ -2586,7 +2586,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mulesoft product: Anypoint Studio cves: diff --git a/data/cisagov_N.yml b/data/cisagov_N.yml index bcb7474..596c681 100644 --- a/data/cisagov_N.yml +++ b/data/cisagov_N.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nagios product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NAKIVO product: '' cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: National Instruments product: OptimalPlus cves: @@ -182,7 +182,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Netcup product: '' cves: @@ -211,7 +211,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NetGate PFSense product: '' cves: @@ -240,7 +240,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Netwrix product: '' cves: @@ -269,7 +269,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: New Relic product: Containerized Private Minion (CPM) cves: @@ -360,7 +360,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nextflow product: Nextflow cves: @@ -448,7 +448,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NinjaRMM product: '' cves: @@ -478,7 +478,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nomachine product: '' cves: @@ -507,7 +507,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NoviFlow product: '' cves: @@ -536,7 +536,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Backlog cves: @@ -566,7 +566,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Backlog Enterprise (On-premises) cves: @@ -596,7 +596,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Cacoo cves: @@ -626,7 +626,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Cacoo Enterprise (On-premises) cves: @@ -656,7 +656,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Typetalk cves: @@ -686,7 +686,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nutanix product: AHV cves: @@ -1758,7 +1758,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NXLog product: '' cves: @@ -1787,5 +1787,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_O.yml b/data/cisagov_O.yml index 89b0d7b..bf866b1 100644 --- a/data/cisagov_O.yml +++ b/data/cisagov_O.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OCLC product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Octopus product: '' cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Okta product: Advanced Server Access cves: @@ -440,7 +440,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Opengear product: '' cves: @@ -469,7 +469,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenMRS TALK product: '' cves: @@ -498,7 +498,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenNMS product: '' cves: @@ -527,7 +527,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenSearch product: '' cves: @@ -556,7 +556,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenText product: '' cves: @@ -833,7 +833,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PAM cves: @@ -862,7 +862,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PEM cves: @@ -891,7 +891,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PPA cves: @@ -920,7 +920,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OTRS product: '' cves: @@ -949,7 +949,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OVHCloud product: '' cves: @@ -978,7 +978,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OwnCloud product: '' cves: @@ -1007,7 +1007,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OxygenXML product: Author cves: diff --git a/data/cisagov_P.yml b/data/cisagov_P.yml index 4dbb587..c0bd941 100644 --- a/data/cisagov_P.yml +++ b/data/cisagov_P.yml @@ -36,4 +36,2752 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Palantir + product: Palantir AI Inference Platform (AIP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: Fully remediated as of 1.97.0. Disconnected customer instances may require + manual updates. + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Apollo + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact, and updates have been deployed for full remediation. + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Foundry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact to Palantir-hosted or Apollo-connected instances, and updates + have been deployed for full remediation. Disconnected customer instances may + require manual updates. + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Gotham + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact to Palantir-hosted or Apollo-connected instances, and updates + have been deployed for full remediation. Disconnected customer instances may + require manual updates. + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palo-Alto Networks + product: Bridgecrew + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: CloudGenix + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex Data Lake + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex XDR Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex Xpanse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex XSOAR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Expedition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: GlobalProtect App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: IoT Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Okyo Grade + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Palo-Alto Networks-OS for Firewall and Wildfire + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Palo-Alto Networks-OS for Panorama + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '9.0' + - '9.1' + - '10.0' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will + be updated when hot fixes for the affected Panorama versions are available. + PAN-OS for Panorama versions 8.1, 10.1 are not affected. + last_updated: '2021-12-15T00:00:00' + - vendor: Palo-Alto Networks + product: Prisma Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Prisma Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Prisma Cloud Compute + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: SaaS Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: User-ID Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: WildFire Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: WildFire Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Panopto + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PaperCut + product: PaperCut MF + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.0 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.papercut.com/support/known-issues/?id=PO-684#ng + notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted + by this. Workaround manual steps available in reference. Upgrade to PaperCut + NG/MF version 21.2.3 Now Available to resolve. + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: PaperCut + product: PaperCut NG + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.0 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.papercut.com/support/known-issues/?id=PO-684#ng + notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted + by this. Workaround manual steps available in reference. Upgrade to PaperCut + NG/MF version 21.2.3 Now Available to resolve. + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Parallels + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.parallels.com/en/128696 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Parse.ly + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.parse.ly/parse-ly-log4shell/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PBXMonitor + product: RMM for 3CX PBX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pbxmonitor.net/changelog.php + notes: Mirror Servers were also checked to ensure Log4J was not installed or being + used by any of our systems. + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Pega + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pentaho + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho- + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pepperl+Fuchs + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pepperl-fuchs.com/global/en/29079.htm + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Percona + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.percona.com/blog/log4jshell-vulnerability-update/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pexip + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Phenix Id + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.phenixid.se/uncategorized/log4j-fix/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Philips + product: Multiple products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.philips.com/a-w/security/security-advisories.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PHOENIX CONTACT + product: Cloud Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: Partly affected. Remediations are being implemented. + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: PHOENIX CONTACT + product: Physical products containing firmware + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: PHOENIX CONTACT + product: Software Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Ping Identity + product: PingAccess + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.0 <= version <= 6.3.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingCentral + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.0 <= version <= 10.3.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate Java Integration Kit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2.7.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate OAuth Playground + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 4.3.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingIntelligence + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pitney Bowes + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Planmeca + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Planon Software + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/ + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Platform.SH + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Plesk + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Plex + product: Plex Industrial IoT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: The product has been updated to Log4j version 2.15. An additional patch + is being developed to update to 2.16. No user interaction is required. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Polycom + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Portainer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PortSwigger + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PostGreSQL + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Postman + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228- + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Power Admin LLC + product: PA File Sight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Power Admin LLC + product: PA Server Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Power Admin LLC + product: PA Storage Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Pretix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pretix.eu/about/de/blog/20211213-log4j/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PrimeKey + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Progress / IpSwitch + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.progress.com/security + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ProofPoint + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2 + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ProSeS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Prosys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://prosysopc.com/news/important-security-release/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Proxmox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PRTG Paessler + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PTC + product: Axeda Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.9.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358990 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: PTC + product: ThingsWorx Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '8.5' + - '9.0' + - '9.1' + - '9.2' + - All supported versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358901 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: PTC + product: ThingsWorx Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '8.5' + - '9.0' + - '9.1' + - '9.2' + - All supported versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358901 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: PTV Group + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Connect Secure (ICS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for secure Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for secure Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Connect Secure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Desktop Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Mobile Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse One + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Policy Secure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Services Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Virtual Traffic Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Web Application Firewall + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Puppet + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pure Storage + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pure Storage + product: Cloud Blockstore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - CBS6.1.x + - CBS6.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/27/2021 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Flash Array + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.3.x + - 6.0.x + - 6.1.x + - 6.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/20/2021 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: FlashBlade + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.1.x + - 3.2.x + - 3.3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/24/2021 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: PortWorx + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.8.0+ + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Pure1 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pyramid Analytics + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_Q.yml b/data/cisagov_Q.yml index a51cbb4..7062f16 100644 --- a/data/cisagov_Q.yml +++ b/data/cisagov_Q.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Qlik product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QMATIC product: Appointment Booking cves: @@ -210,7 +210,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QOPPA product: '' cves: @@ -239,7 +239,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QSC Q-SYS product: '' cves: @@ -268,7 +268,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QT product: '' cves: @@ -297,7 +297,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Quest Global product: '' cves: @@ -326,5 +326,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_R.yml b/data/cisagov_R.yml index a8df413..ab52902 100644 --- a/data/cisagov_R.yml +++ b/data/cisagov_R.yml @@ -4,6 +4,2861 @@ owners: - name: cisagov url: https://github.com/cisagov/log4j-affected-db software: + - vendor: R + product: R + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 4.1.1 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.r-project.org/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: R2ediviewer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Radware + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.radware.com/app/answers/answer_view/a_id/1029752 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rapid7 + product: AlcidekArt, kAdvisor, and kAudit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: AppSpider Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: AppSpider Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Insight Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightAppSec Scan Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightAppSec Scan Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightCloudSec/DivvyCloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightConnect Orchestrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightIDR Network Sensor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightIDR/InsightOps Collector & Event Sources + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps DataHub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - InsightOps DataHub <= 2.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) + using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps non-Java logging libraries + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps r7insight_java logging library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <=3.0.8 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM Kubernetes Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” + packaged in them. This is a different library than log4j-core and is not vulnerable + to Log4Shell. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” + packaged in them. This is a different library than log4j-core and is not vulnerable + to Log4Shell. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: IntSights virtual appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Logentries DataHub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: 'Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). + Windows: Run version 1.2.0.822 in a Docker container or as a Java command per + these [instructions](https://docs.logentries.com/docs/datahub-windows). You + can find more details [here](https://docs.logentries.com/docs/datahub-linux).' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Logentries le_java logging library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'All versions: this is a deprecated component' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Metasploit Framework + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Metasploit Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Metasploit Pro ships with log4j but has specific configurations applied + to it that mitigate Log4Shell. A future update will contain a fully patched + version of log4j. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: tCell Java Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Velociraptor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Raritan + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.raritan.com/support + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ravelin + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Real-Time Innovations (RTI) + product: Distributed Logger + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: Recording Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Administration Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Code Generator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Code Generator Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Micro Application Generator (MAG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - as part of RTI Connext Micro 3.0.0 + - 3.0.1 + - 3.0.2 + - 3.0.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Micro Application Generator (MAG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - as part of RTI Connext Professional 6.0.0 and 6.0.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Red Hat + product: log4j-core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Integration Camel K + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat build of Quarkus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat CodeReady Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 12.21.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Data Grid + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '8' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Decision Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '6' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '8' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Integration Camel Quarkus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss A-MQ Streaming + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Enterprise Application Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4)\ + \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ + \ affected." + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Enterprise Application Platform Expansion Pack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Fuse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Process Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches)\ + \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ + \ affected." + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Single Sign-On + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Vert.X + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '4' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Satellite 5 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Spacewalk + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 3.11 + product: openshift3/ose-logging-elasticsearch5 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-logging-elasticsearch6 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-metering-hive + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-metering-presto + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Logging + product: logging-elasticsearch6-container + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenStack Platform 13 (Queens) + product: opendaylight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: End of Life + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-java-common-log4j + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-maven35-log4j12 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-maven36-log4j12 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red5Pro + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RedGate + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Redis + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://redis.com/security/notice-apache-log4j2-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Reiner SCT + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ReportURI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ResMed + product: AirView + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.resmed.com/en-us/security/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: ResMed + product: myAir + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.resmed.com/en-us/security/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Respondus + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.respondus.com/support/index.php?/News/NewsItem/View/339 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Revenera / Flexera + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ricoh + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ricoh.com/info/2021/1215_1/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RingCentral + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ringcentral.com/trust-center/security-bulletin.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Riverbed + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportkb.riverbed.com/support/index?page=content&id=S35645 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rockwell Automation + product: FactoryTalk Analytics DataFlowML + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.00.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: FactoryTalk Analytics DataView + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.03.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: Industrial Data Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Gen 1 + - Gen 2 + - Gen 3 + - Gen 3.5 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: MES EIG + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.03.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: Customers should upgrade to EIG Hub if possible or work with their local + representatives about alternative solutions. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: VersaVirtual + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Series A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: Warehouse Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.01.00 + - 4.02.00 + - 4.02.01 + - 4.02.02 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rollbar + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rollbar.com/blog/log4j-zero-day-2021-log4shell/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rosette.com + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager Prime + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager WebTier + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Governance and Lifecycle + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Governance and Lifecycle Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Identity Router + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA Netwitness + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rstudioapi + product: Rstudioapi + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '0.13' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/rstudio/rstudioapi + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Rubrik + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ruckus + product: Virtual SmartZone (vSZ) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.1 to 6.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.ruckuswireless.com/security_bulletins/313 + notes: '' + references: + - '' + last_updated: '2021-12-13T00:00:00' + - vendor: RunDeck by PagerDuty + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.rundeck.com/docs/history/CVEs/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Runecast product: Runecast Analyzer cves: @@ -33,5 +2888,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_S.yml b/data/cisagov_S.yml index fa14507..6df8757 100644 --- a/data/cisagov_S.yml +++ b/data/cisagov_S.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SAFE FME Server product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SAGE product: '' cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SailPoint product: '' cves: @@ -120,7 +120,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Salesforce product: Analytics Cloud cves: @@ -1093,7 +1093,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SAP product: '' cves: @@ -1212,7 +1212,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SASSAFRAS product: '' cves: @@ -1241,7 +1241,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Savignano software solutions product: '' cves: @@ -1270,7 +1270,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SBT product: SBT cves: @@ -1330,7 +1330,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ScaleFusion MobileLock Pro product: '' cves: @@ -1359,7 +1359,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Schneider Electric product: EASYFIT cves: @@ -2105,7 +2105,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ScreenBeam product: '' cves: @@ -2134,7 +2134,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SDL worldServer product: '' cves: @@ -2163,7 +2163,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Seagull Scientific product: '' cves: @@ -2192,7 +2192,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SecurePoint product: '' cves: @@ -2221,7 +2221,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Security Onion product: '' cves: @@ -2250,7 +2250,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Securonix product: Extended Detection and Response (XDR) cves: @@ -2429,7 +2429,7 @@ software: by CISA. references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SentinelOne product: '' cves: @@ -2458,7 +2458,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sentry product: '' cves: @@ -2487,7 +2487,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SEP product: '' cves: @@ -2516,7 +2516,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Server Eye product: '' cves: @@ -2545,7 +2545,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ServiceNow product: '' cves: @@ -2574,7 +2574,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Shibboleth product: '' cves: @@ -2603,7 +2603,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Shibboleth product: All Products cves: @@ -2663,7 +2663,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Siebel product: '' cves: @@ -2692,7 +2692,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Siemens product: Affected Products cves: @@ -3899,7 +3899,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sierra Wireless product: AirVantage and Octave cloud platforms cves: @@ -3987,7 +3987,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Silver Peak product: Orchestrator, Silver Peak GMS cves: @@ -4049,7 +4049,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SISCO product: '' cves: @@ -4107,7 +4107,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Skillable product: '' cves: @@ -4136,7 +4136,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SLF4J product: '' cves: @@ -4165,7 +4165,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Slurm product: Slurm cves: @@ -4253,7 +4253,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SmileCDR product: '' cves: @@ -4282,7 +4282,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sn0m product: '' cves: @@ -4311,7 +4311,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Snakemake product: Snakemake cves: @@ -4371,7 +4371,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Snow Software product: VM Access Proxy cves: @@ -4401,7 +4401,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Snowflake product: '' cves: @@ -4430,7 +4430,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Snyk product: Cloud Platform cves: @@ -4459,7 +4459,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Software AG product: '' cves: @@ -4488,7 +4488,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SolarWinds product: Database Performance Analyzer (DPA) cves: @@ -4609,7 +4609,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sonatype product: All Products cves: @@ -5551,7 +5551,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spacelabs Healthcare product: ABP cves: @@ -6149,7 +6149,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spigot product: '' cves: @@ -6178,7 +6178,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Splunk product: Data Stream Processor cves: @@ -6850,7 +6850,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spring product: Spring Boot cves: @@ -6880,7 +6880,7 @@ software: switched the default logging system to Log4J2 references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spring Boot product: '' cves: @@ -6909,7 +6909,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StarDog product: '' cves: @@ -6938,7 +6938,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: STERIS product: Advantage cves: @@ -8475,7 +8475,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Storagement product: '' cves: @@ -8504,7 +8504,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StormShield product: '' cves: @@ -8533,7 +8533,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StrangeBee TheHive & Cortex product: '' cves: @@ -8562,7 +8562,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Stratodesk product: '' cves: @@ -8591,7 +8591,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Strimzi product: '' cves: @@ -8620,7 +8620,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Stripe product: '' cves: @@ -8649,7 +8649,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Styra product: '' cves: @@ -8678,7 +8678,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sumologic product: '' cves: @@ -8707,7 +8707,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SumoLogic product: '' cves: @@ -8736,7 +8736,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Superna EYEGLASS product: '' cves: @@ -8765,7 +8765,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Suprema Inc product: '' cves: @@ -8794,7 +8794,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SUSE product: '' cves: @@ -8823,7 +8823,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sweepwidget product: '' cves: @@ -8852,7 +8852,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Swyx product: '' cves: @@ -8881,7 +8881,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synchro MSP product: '' cves: @@ -8910,7 +8910,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Syncplify product: '' cves: @@ -8939,7 +8939,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synology product: '' cves: @@ -8968,7 +8968,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synopsys product: '' cves: @@ -8997,7 +8997,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Syntevo product: '' cves: @@ -9026,7 +9026,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SysAid product: '' cves: @@ -9055,7 +9055,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sysdig product: '' cves: @@ -9084,5 +9084,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_T.yml b/data/cisagov_T.yml index de948b6..4b0134c 100644 --- a/data/cisagov_T.yml +++ b/data/cisagov_T.yml @@ -260,7 +260,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tanium product: All cves: @@ -319,7 +319,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TeamPasswordManager product: '' cves: @@ -348,7 +348,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Teamviewer product: '' cves: @@ -377,7 +377,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tech Software product: OneAegis (f/k/a IRBManager) cves: @@ -496,7 +496,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Telestream product: '' cves: @@ -525,7 +525,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tenable product: Tenable.io / Nessus cves: @@ -555,7 +555,7 @@ software: to CVE-2021-44228 or CVE-2021-45046 at this time references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Thales product: CADP/SafeNet Protect App (PA) - JCE cves: @@ -2391,7 +2391,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ThycoticCentrify product: Account Lifecycle Manager cves: @@ -2690,7 +2690,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Top Gun Technology (TGT) product: '' cves: @@ -2719,7 +2719,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TopDesk product: '' cves: @@ -2748,7 +2748,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Topicus Security product: Topicus KeyHub cves: @@ -2807,7 +2807,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tosibox product: '' cves: @@ -2836,7 +2836,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TPLink product: Omega Controller cves: @@ -2897,7 +2897,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tricentis Tosca product: '' cves: @@ -2926,7 +2926,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tridium product: '' cves: @@ -3224,7 +3224,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TrueNAS product: '' cves: @@ -3253,7 +3253,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tufin product: '' cves: @@ -3282,7 +3282,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TYPO3 product: '' cves: @@ -3311,5 +3311,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_U.yml b/data/cisagov_U.yml index 0ce28f2..5a679fc 100644 --- a/data/cisagov_U.yml +++ b/data/cisagov_U.yml @@ -33,7 +33,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ubiquiti product: UniFi Network Controller cves: @@ -93,7 +93,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: UiPath product: InSights cves: @@ -152,7 +152,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: UniFlow product: '' cves: @@ -181,7 +181,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Unify ATOS product: '' cves: @@ -210,7 +210,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Unimus product: '' cves: @@ -239,7 +239,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: USSIGNAL MSP product: '' cves: @@ -268,5 +268,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_V.yml b/data/cisagov_V.yml index 9594d23..c3555b7 100644 --- a/data/cisagov_V.yml +++ b/data/cisagov_V.yml @@ -1233,7 +1233,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Varnish Software product: '' cves: @@ -1262,7 +1262,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Varonis product: '' cves: @@ -1291,7 +1291,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Veeam product: '' cves: @@ -1320,7 +1320,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Venafi product: '' cves: @@ -1349,7 +1349,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Veritas NetBackup product: '' cves: @@ -1378,7 +1378,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Vertica product: '' cves: @@ -1466,7 +1466,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: VMware product: API Portal for VMware Tanzu cves: diff --git a/data/cisagov_W.yml b/data/cisagov_W.yml index b1651d2..0781052 100644 --- a/data/cisagov_W.yml +++ b/data/cisagov_W.yml @@ -62,7 +62,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wasp Barcode technologies product: '' cves: @@ -91,7 +91,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: Secplicity cves: @@ -120,7 +120,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Western Digital product: '' cves: @@ -149,7 +149,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WIBU Systems product: CodeMeter Cloud Lite cves: @@ -238,7 +238,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WireShark product: '' cves: @@ -267,7 +267,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wistia product: '' cves: @@ -296,7 +296,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WitFoo product: '' cves: @@ -325,7 +325,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WordPress product: '' cves: @@ -354,7 +354,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Worksphere product: '' cves: @@ -383,7 +383,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wowza product: '' cves: @@ -412,7 +412,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WSO2 product: WSO2 Enterprise Integrator cves: @@ -442,5 +442,5 @@ software: notes: A temporary mitigation is available while vendor works on update references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_X.yml b/data/cisagov_X.yml index e2f18a2..b107a72 100644 --- a/data/cisagov_X.yml +++ b/data/cisagov_X.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XenForo product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Xerox product: '' cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XPertDoc product: '' cves: @@ -119,7 +119,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XPLG product: '' cves: @@ -148,7 +148,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XWIKI product: '' cves: @@ -177,7 +177,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Xylem product: Aquatalk cves: diff --git a/data/cisagov_Y.yml b/data/cisagov_Y.yml index 982c73c..cc2fe73 100644 --- a/data/cisagov_Y.yml +++ b/data/cisagov_Y.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: YellowFin product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: YOKOGAWA product: '' cves: @@ -119,5 +119,5 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' ... diff --git a/data/cisagov_Z.yml b/data/cisagov_Z.yml index 5a92727..13f553c 100644 --- a/data/cisagov_Z.yml +++ b/data/cisagov_Z.yml @@ -32,7 +32,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ZAMMAD product: '' cves: @@ -61,7 +61,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zaproxy product: '' cves: @@ -90,7 +90,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zebra product: '' cves: @@ -119,7 +119,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zendesk product: All Products cves: @@ -180,7 +180,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zentera Systems, Inc. product: CoIP Access Platform cves: @@ -239,7 +239,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zesty product: '' cves: @@ -268,7 +268,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zimbra product: '' cves: @@ -297,7 +297,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zix product: '' cves: @@ -355,7 +355,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ZPE systems Inc product: '' cves: @@ -384,7 +384,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zscaler product: See Link (Multiple Products) cves: @@ -442,7 +442,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zyxel product: Security Firewall/Gateways cves: From aa4490c0611f381769d6857a8e79a14bee13fb5f Mon Sep 17 00:00:00 2001 From: cisagovbot <65734717+cisagovbot@users.noreply.github.com> Date: Tue, 25 Jan 2022 18:56:22 +0000 Subject: [PATCH 06/10] Update the software list --- SOFTWARE-LIST.md | 191 +- data/cisagov.yml | 6951 +++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 6467 insertions(+), 675 deletions(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 6a90bbf..fdf75df 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -1512,7 +1512,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | HPE | OfficeConnect | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Primera Storage | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | RepoServer part of OPA (on Premises aggregator) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | -| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | +| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Not Affected | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | RESTful Interface Tool (iLOREST) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | SAT (System Admin Toolkit) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Scripting Tools for Windows PowerShell (HPEiLOCmdlets) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | @@ -2217,6 +2217,99 @@ NOTE: This file is automatically generated. To submit updates, please refer to | OxygenXML | Web Author | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | OxygenXML | WebHelp | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | PagerDuty | PagerDuty SaaS | | | Unknown | [link](https://support.pagerduty.com/docs/pagerduty-log4j-zero-day-vulnerability) | We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Palantir | Palantir AI Inference Platform (AIP) | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | +| Palantir | Palantir Apollo | | | Not Affected | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact, and updates have been deployed for full remediation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | +| Palantir | Palantir Foundry | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | +| Palantir | Palantir Gotham | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | +| Palo-Alto Networks | Bridgecrew | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | CloudGenix | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Cortex Data Lake | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Cortex XDR Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Cortex Xpanse | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Cortex XSOAR | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Expedition | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | GlobalProtect App | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | IoT Security | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Okyo Grade | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Palo-Alto Networks-OS for Firewall and Wildfire | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Palo-Alto Networks-OS for Panorama | 9.0, 9.1, 10.0 | | Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Palo-Alto Networks | Prisma Access | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Prisma Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Prisma Cloud Compute | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | SaaS Security | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | User-ID Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | WildFire Appliance | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | WildFire Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Panopto | | | | Unknown | [link](https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PaperCut | PaperCut MF | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| PaperCut | PaperCut NG | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Parallels | | | | Unknown | [link](https://kb.parallels.com/en/128696) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Parse.ly | | | | Unknown | [link](https://blog.parse.ly/parse-ly-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PBXMonitor | RMM for 3CX PBX | | | Unknown | [link](https://www.pbxmonitor.net/changelog.php) | Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| Pega | | | | Unknown | [link](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pentaho | | | | Unknown | [link](https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pepperl+Fuchs | | | | Unknown | [link](https://www.pepperl-fuchs.com/global/en/29079.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Percona | | | | Unknown | [link](https://www.percona.com/blog/log4jshell-vulnerability-update/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pexip | | | | Unknown | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Phenix Id | | | | Unknown | [link](https://support.phenixid.se/uncategorized/log4j-fix/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Philips | Multiple products | | | Unknown | [link](https://www.philips.com/a-w/security/security-advisories.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PHOENIX CONTACT | Cloud Services | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | Partly affected. Remediations are being implemented. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| PHOENIX CONTACT | Physical products containing firmware | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| PHOENIX CONTACT | Software Products | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| Ping Identity | PingAccess | 4.0 <= version <= 6.3.2 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingCentral | | | Unknown | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingFederate | 8.0 <= version <= 10.3.4 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingFederate Java Integration Kit | < 2.7.2 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingFederate OAuth Playground | < 4.3.1 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingIntelligence | | | Unknown | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pitney Bowes | | | | Unknown | [link](https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Planmeca | | | | Unknown | [link](https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Planon Software | | | | Unknown | [link](https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Platform.SH | | | | Unknown | [link](https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Plesk | | | | Unknown | [link](https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Plex | Plex Industrial IoT | | | Unknown | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Polycom | | | | Unknown | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Portainer | | | | Unknown | [link](https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PortSwigger | | | | Unknown | [link](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PostGreSQL | | | | Unknown | [link](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Postman | | | | Unknown | [link](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Power Admin LLC | PA File Sight | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| Power Admin LLC | PA Server Monitor | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| Power Admin LLC | PA Storage Monitor | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| Pretix | | | | Unknown | [link](https://pretix.eu/about/de/blog/20211213-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PrimeKey | | | | Unknown | [link](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Progress / IpSwitch | | | | Unknown | [link](https://www.progress.com/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ProofPoint | | | | Unknown | [link](https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ProSeS | | | | Unknown | [link](https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Prosys | | | | Unknown | [link](https://prosysopc.com/news/important-security-release/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Proxmox | | | | Unknown | [link](https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PRTG Paessler | | | | Unknown | [link](https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PTC | Axeda Platform | 6.9.2 | | Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| PTC | ThingsWorx Analytics | 8.5, 9.0, 9.1, 9.2, All supported versions | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| PTC | ThingsWorx Platform | 8.5, 9.0, 9.1, 9.2, All supported versions | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| PTV Group | | | | Unknown | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Connect Secure (ICS) | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Neurons for secure Access | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Neurons for secure Access | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Neurons for ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Neurons for ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Connect Secure | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Desktop Client | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Mobile Client | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse One | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Policy Secure | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Secure Services Director | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Secure Virtual Traffic Manager | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Secure Web Application Firewall | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Puppet | | | | Unknown | [link](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pure Storage | | | | Unknown | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pure Storage | Cloud Blockstore | CBS6.1.x, CBS6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/27/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pure Storage | Flash Array | 5.3.x, 6.0.x, 6.1.x, 6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/20/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pure Storage | FlashBlade | 3.1.x, 3.2.x, 3.3.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/24/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pure Storage | PortWorx | 2.8.0+ | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pure Storage | Pure1 | | N/A | Fixed | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pyramid Analytics | | | | Unknown | [link](https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | QF-Test | | | | Unknown | [link](https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Qlik | | | | Unknown | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | QMATIC | Appointment Booking | 2.4+ | | Affected | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | Update to v. 2.8.2 which contains log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | @@ -2228,6 +2321,102 @@ NOTE: This file is automatically generated. To submit updates, please refer to | QSC Q-SYS | | | | Unknown | [link](https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | QT | | | | Unknown | [link](https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Quest Global | | | | Unknown | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| R | R | | | Not Affected | [link](https://www.r-project.org/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| R2ediviewer | | | | Unknown | [link](https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Radware | | | | Unknown | [link](https://support.radware.com/app/answers/answer_view/a_id/1029752) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Rapid7 | AlcidekArt, kAdvisor, and kAudit | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | AppSpider Enterprise | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | AppSpider Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Insight Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightCloudSec/DivvyCloud | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightConnect Orchestrator | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightIDR Network Sensor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightIDR/InsightOps Collector & Event Sources | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightOps DataHub | InsightOps DataHub <= 2.0 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightOps non-Java logging libraries | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightOps r7insight_java logging library | <=3.0.8 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightVM Kubernetes Monitor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightVM/Nexpose | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightVM/Nexpose Console | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightVM/Nexpose Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | IntSights virtual appliance | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Logentries DataHub | Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these [instructions](https://docs.logentries.com/docs/datahub-windows). You can find more details [here](https://docs.logentries.com/docs/datahub-linux). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Logentries le_java logging library | All versions: this is a deprecated component | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Metasploit Framework | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Metasploit Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | tCell Java Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Velociraptor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Raritan | | | | Unknown | [link](https://www.raritan.com/support) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Ravelin | | | | Unknown | [link](https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Real-Time Innovations (RTI) | Distributed Logger | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | Recording Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Administration Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Code Generator | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Code Generator Server | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Professional 6.0.0 and 6.0.1 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Monitor | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Red Hat | log4j-core | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Integration Camel K | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat build of Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat CodeReady Studio | | 12.21.0 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Data Grid | | 8 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Decision Manager | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat Integration Camel Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat JBoss A-MQ Streaming | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat JBoss Enterprise Application Platform | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat JBoss Fuse | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Process Automation | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Single Sign-On | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Vert.X | | 4 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Satellite 5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Spacewalk | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch6 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-hive | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-presto | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Logging | logging-elasticsearch6-container | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenStack Platform 13 (Queens) | opendaylight | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | End of Life | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat Software Collections | rh-java-common-log4j | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat Software Collections | rh-maven35-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat Software Collections | rh-maven36-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red5Pro | | | | Unknown | [link](https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RedGate | | | | Unknown | [link](https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Redis | | | | Unknown | [link](https://redis.com/security/notice-apache-log4j2-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Reiner SCT | | | | Unknown | [link](https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ReportURI | | | | Unknown | [link](https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ResMed | AirView | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| ResMed | myAir | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Respondus | | | | Unknown | [link](https://support.respondus.com/support/index.php?/News/NewsItem/View/339) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Revenera / Flexera | | | | Unknown | [link](https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Ricoh | | | | Unknown | [link](https://www.ricoh.com/info/2021/1215_1/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RingCentral | | | | Unknown | [link](https://www.ringcentral.com/trust-center/security-bulletin.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Riverbed | | | | Unknown | [link](https://supportkb.riverbed.com/support/index?page=content&id=S35645) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Rockwell Automation | FactoryTalk Analytics DataFlowML | 4.00.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | FactoryTalk Analytics DataView | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | Industrial Data Center | | Gen 1, Gen 2, Gen 3, Gen 3.5 | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | MES EIG | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | VersaVirtual | | Series A | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | Warehouse Management | 4.01.00, 4.02.00, 4.02.01, 4.02.02 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rollbar | | | | Unknown | [link](https://rollbar.com/blog/log4j-zero-day-2021-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Rosette.com | | | | Unknown | [link](https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Authentication Manager | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Authentication Manager Prime | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Authentication Manager WebTier | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Governance and Lifecycle | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Governance and Lifecycle Cloud | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Identity Router | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA Netwitness | | | | Unknown | [link](https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Rstudioapi | Rstudioapi | | | Not Affected | [link](https://github.com/rstudio/rstudioapi) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Rubrik | | | | Unknown | [link](https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Ruckus | Virtual SmartZone (vSZ) | 5.1 to 6.0 | | Affected | [link](https://support.ruckuswireless.com/security_bulletins/313) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 | +| RunDeck by PagerDuty | | | | Unknown | [link](https://docs.rundeck.com/docs/history/CVEs/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Runecast | Runecast Analyzer | | 6.0.3 | Fixed | [link](https://www.runecast.com/release-notes) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | SAE-IT | | | | Unknown | [link](https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | SAFE FME Server | | | | Unknown | [link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | diff --git a/data/cisagov.yml b/data/cisagov.yml index 972d02e..b0f11e7 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -9266,7 +9266,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Symantec Protection Engine (SPE) cves: @@ -9295,7 +9295,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Symantec Protection for SharePoint Servers (SPSS) cves: @@ -9324,7 +9324,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: VIP cves: @@ -9353,7 +9353,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: VIP Authentication Hub cves: @@ -9382,7 +9382,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Web Isolation (WI) cves: @@ -9411,7 +9411,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Web Security Service (WSS) cves: @@ -9440,7 +9440,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: WebPulse cves: @@ -9469,7 +9469,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: C4b XPHONE product: '' cves: @@ -9498,7 +9498,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Campbell Scientific product: All cves: @@ -9556,7 +9556,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Canary Labs product: All cves: @@ -9874,7 +9874,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Carestream product: '' cves: @@ -9932,7 +9932,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CAS genesisWorld product: '' cves: @@ -9961,7 +9961,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cato Networks product: '' cves: @@ -9990,7 +9990,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cepheid product: C360 cves: @@ -10077,7 +10077,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Chaser Systems product: discrimiNAT Firewall cves: @@ -10107,7 +10107,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: CloudGuard cves: @@ -10137,7 +10137,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Harmony Endpoint & Harmony Mobile cves: @@ -10167,7 +10167,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Infinity Portal cves: @@ -10196,7 +10196,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Quantum Security Gateway cves: @@ -10226,7 +10226,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Quantum Security Management cves: @@ -10257,7 +10257,7 @@ software: this attack by default. references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: SMB cves: @@ -10287,7 +10287,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: ThreatCloud cves: @@ -10316,7 +10316,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CheckMK product: '' cves: @@ -10345,7 +10345,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ciphermail product: '' cves: @@ -10374,7 +10374,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CircleCI product: CircleCI cves: @@ -10432,7 +10432,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: AppDynamics cves: @@ -10461,7 +10461,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ACI Multi-Site Orchestrator cves: @@ -10490,7 +10490,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ACI Virtual Edge cves: @@ -10519,7 +10519,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Adaptive Security Appliance (ASA) Software cves: @@ -10548,7 +10548,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Advanced Web Security Reporting Application cves: @@ -10577,7 +10577,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco AMP Virtual Private Cloud Appliance cves: @@ -10606,7 +10606,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco AnyConnect Secure Mobility Client cves: @@ -10635,7 +10635,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Application Policy Infrastructure Controller (APIC) cves: @@ -10664,7 +10664,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ASR 5000 Series Routers cves: @@ -10693,7 +10693,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Broadcloud Calling cves: @@ -10722,7 +10722,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco BroadWorks cves: @@ -10751,7 +10751,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Catalyst 9800 Series Wireless Controllers cves: @@ -10780,7 +10780,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CloudCenter Suite Admin cves: @@ -10809,7 +10809,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CloudCenter Workload Manager cves: @@ -10838,7 +10838,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Cognitive Intelligence cves: @@ -10867,7 +10867,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Common Services Platform Collector cves: @@ -10896,7 +10896,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Computer Telephony Integration Object Server (CTIOS) cves: @@ -10925,7 +10925,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connected Grid Device Manager cves: @@ -10954,7 +10954,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connected Mobile Experiences cves: @@ -10983,7 +10983,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connectivity cves: @@ -11012,7 +11012,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Contact Center Domain Manager (CCDM) cves: @@ -11041,7 +11041,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Contact Center Management Portal (CCMP) cves: @@ -11070,7 +11070,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Crosswork Change Automation cves: @@ -11099,7 +11099,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CX Cloud Agent Software cves: @@ -11128,7 +11128,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Data Center Network Manager (DCNM) cves: @@ -11157,7 +11157,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Defense Orchestrator cves: @@ -11186,7 +11186,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Assurance cves: @@ -11215,7 +11215,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Center cves: @@ -11244,7 +11244,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Spaces cves: @@ -11273,7 +11273,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Elastic Services Controller (ESC) cves: @@ -11302,7 +11302,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Emergency Responder cves: @@ -11331,7 +11331,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Enterprise Chat and Email cves: @@ -11360,7 +11360,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Enterprise NFV Infrastructure Software (NFVIS) cves: @@ -11389,7 +11389,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Evolved Programmable Network Manager cves: @@ -11418,7 +11418,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Extensible Network Controller (XNC) cves: @@ -11447,7 +11447,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Finesse cves: @@ -11476,7 +11476,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Firepower Management Center cves: @@ -11505,7 +11505,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Firepower Threat Defense (FTD) cves: @@ -11534,7 +11534,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco GGSN Gateway GPRS Support Node cves: @@ -11563,7 +11563,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco HyperFlex System cves: @@ -11592,7 +11592,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Identity Services Engine (ISE) cves: @@ -11621,7 +11621,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Integrated Management Controller (IMC) Supervisor cves: @@ -11650,7 +11650,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Intersight cves: @@ -11679,7 +11679,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Intersight Virtual Appliance cves: @@ -11708,7 +11708,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IOS and IOS XE Software cves: @@ -11737,7 +11737,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) @@ -11767,7 +11767,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IoT Operations Dashboard cves: @@ -11796,7 +11796,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IOx Fog Director cves: @@ -11825,7 +11825,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IP Services Gateway (IPSG) cves: @@ -11854,7 +11854,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Kinetic for Cities cves: @@ -11883,7 +11883,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco MDS 9000 Series Multilayer Switches cves: @@ -11912,7 +11912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Meeting Server cves: @@ -11941,7 +11941,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco MME Mobility Management Entity cves: @@ -11970,7 +11970,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Modeling Labs cves: @@ -11999,7 +11999,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Assessment (CNA) Tool cves: @@ -12028,7 +12028,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Assurance Engine cves: @@ -12057,7 +12057,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Convergence System 2000 Series cves: @@ -12086,7 +12086,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Planner cves: @@ -12115,7 +12115,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Services Orchestrator (NSO) cves: @@ -12144,7 +12144,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 5500 Platform Switches cves: @@ -12173,7 +12173,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 5600 Platform Switches cves: @@ -12202,7 +12202,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 6000 Series Switches cves: @@ -12231,7 +12231,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 7000 Series Switches cves: @@ -12260,7 +12260,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode @@ -12290,7 +12290,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Dashboard (formerly Cisco Application Services Engine) cves: @@ -12319,7 +12319,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Data Broker cves: @@ -12348,7 +12348,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Insights cves: @@ -12377,7 +12377,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Optical Network Planner cves: @@ -12406,7 +12406,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Packaged Contact Center Enterprise cves: @@ -12435,7 +12435,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Paging Server cves: @@ -12464,7 +12464,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Paging Server (InformaCast) cves: @@ -12493,7 +12493,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco PDSN/HA Packet Data Serving Node and Home Agent cves: @@ -12522,7 +12522,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco PGW Packet Data Network Gateway cves: @@ -12551,7 +12551,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Policy Suite cves: @@ -12580,7 +12580,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Central for Service Providers cves: @@ -12609,7 +12609,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Collaboration Manager cves: @@ -12638,7 +12638,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Collaboration Provisioning cves: @@ -12667,7 +12667,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Infrastructure cves: @@ -12696,7 +12696,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime License Manager cves: @@ -12725,7 +12725,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Network cves: @@ -12754,7 +12754,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Optical for Service Providers cves: @@ -12783,7 +12783,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Provisioning cves: @@ -12812,7 +12812,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Service Catalog cves: @@ -12841,7 +12841,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Registered Envelope Service cves: @@ -12870,7 +12870,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 1000 Series Routers cves: @@ -12899,7 +12899,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 2000 Series Routers cves: @@ -12928,7 +12928,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 5000 Series Routers cves: @@ -12957,7 +12957,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge Cloud Router Platform cves: @@ -12986,7 +12986,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vManage cves: @@ -13015,7 +13015,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Secure Network Analytics (SNA), formerly Stealthwatch cves: @@ -13044,7 +13044,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SocialMiner cves: @@ -13073,7 +13073,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco System Architecture Evolution Gateway (SAEGW) cves: @@ -13102,7 +13102,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco TelePresence Management Suite cves: @@ -13131,7 +13131,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco UCS Director cves: @@ -13160,7 +13160,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco UCS Performance Manager cves: @@ -13189,7 +13189,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Umbrella cves: @@ -13218,7 +13218,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Advanced cves: @@ -13247,7 +13247,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Business Edition cves: @@ -13276,7 +13276,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Department Edition cves: @@ -13305,7 +13305,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Enterprise Edition cves: @@ -13334,7 +13334,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Premium Edition cves: @@ -13363,7 +13363,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Communications Manager Cloud cves: @@ -13392,7 +13392,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise cves: @@ -13421,7 +13421,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise - Live Data server cves: @@ -13450,7 +13450,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Express cves: @@ -13479,7 +13479,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Intelligent Contact Management Enterprise cves: @@ -13508,7 +13508,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified SIP Proxy Software cves: @@ -13537,7 +13537,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Video Surveillance Operations Manager cves: @@ -13566,7 +13566,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM cves: @@ -13595,7 +13595,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Virtualized Voice Browser cves: @@ -13624,7 +13624,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Vision Dynamic Signage Director cves: @@ -13653,7 +13653,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco WAN Automation Engine (WAE) cves: @@ -13682,7 +13682,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Web Security Appliance (WSA) cves: @@ -13711,7 +13711,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Cloud-Connected UC (CCUC) cves: @@ -13740,7 +13740,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Meetings Server cves: @@ -13769,7 +13769,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Teams cves: @@ -13798,7 +13798,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Wide Area Application Services (WAAS) cves: @@ -13827,7 +13827,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Duo cves: @@ -13856,7 +13856,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: DUO network gateway (on-prem/self-hosted) cves: @@ -13884,7 +13884,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: duo network gateway (on-prem/self-hosted) cves: @@ -13912,7 +13912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Exony Virtualized Interaction Manager (VIM) cves: @@ -13941,7 +13941,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Managed Services Accelerator (MSX) Network Access Control Service cves: @@ -13970,7 +13970,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Citrix product: Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) cves: @@ -14407,7 +14407,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: AM2CM Tool cves: @@ -14436,7 +14436,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Ambari cves: @@ -14467,7 +14467,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Arcadia Enterprise cves: @@ -14497,7 +14497,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDH, HDP, and HDF cves: @@ -14527,7 +14527,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDP Operational Database (COD) cves: @@ -14556,7 +14556,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDP Private Cloud Base cves: @@ -14586,7 +14586,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDS 3 Powered by Apache Spark cves: @@ -14616,7 +14616,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDS 3.2 for GPUs cves: @@ -14646,7 +14646,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Cybersecurity Platform cves: @@ -14676,7 +14676,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -14705,7 +14705,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -14735,7 +14735,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Flow (CFM) cves: @@ -14764,7 +14764,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Science Workbench (CDSW) cves: @@ -14795,7 +14795,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Visualization (CDV) cves: @@ -14824,7 +14824,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -14853,7 +14853,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -14883,7 +14883,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera DataFlow (CDF) cves: @@ -14912,7 +14912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Edge Management (CEM) cves: @@ -14942,7 +14942,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Enterprise cves: @@ -14972,7 +14972,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Flow Management (CFM) cves: @@ -15002,7 +15002,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -15031,7 +15031,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -15061,7 +15061,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -15092,7 +15092,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -15125,7 +15125,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR)) cves: @@ -15154,7 +15154,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) cves: @@ -15186,7 +15186,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Stream Processing (CSP) cves: @@ -15216,7 +15216,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -15245,7 +15245,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -15274,7 +15274,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Analytics Studio (DAS) cves: @@ -15303,7 +15303,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Catalog cves: @@ -15332,7 +15332,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Lifecycle Manager (DLM) cves: @@ -15361,7 +15361,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Steward Studio (DSS) cves: @@ -15391,7 +15391,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks Data Flow (HDF) cves: @@ -15420,7 +15420,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks Data Platform (HDP) cves: @@ -15452,7 +15452,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks DataPlane Platform cves: @@ -15481,7 +15481,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Management Console cves: @@ -15511,7 +15511,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Management Console for CDP Public Cloud cves: @@ -15540,7 +15540,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Replication Manager cves: @@ -15569,7 +15569,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: SmartSense cves: @@ -15598,7 +15598,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload Manager cves: @@ -15627,7 +15627,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload XM cves: @@ -15657,7 +15657,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload XM (SaaS) cves: @@ -15686,7 +15686,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CloudFlare product: '' cves: @@ -15715,7 +15715,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudian HyperStore product: '' cves: @@ -15744,7 +15744,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudogu product: Ecosystem cves: @@ -15774,7 +15774,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudogu product: SCM-Manager cves: @@ -15803,7 +15803,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudron product: '' cves: @@ -15832,7 +15832,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Clover product: '' cves: @@ -15861,7 +15861,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Code42 product: Code42 App cves: @@ -15952,7 +15952,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Codesys product: '' cves: @@ -15981,7 +15981,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cohesity product: '' cves: @@ -16010,7 +16010,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CommVault product: '' cves: @@ -16039,7 +16039,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Concourse product: Concourse cves: @@ -16068,7 +16068,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ConcreteCMS.com product: '' cves: @@ -16097,7 +16097,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Confluent product: Confluent Cloud cves: @@ -16426,7 +16426,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ConnectWise product: '' cves: @@ -16455,7 +16455,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ContrastSecurity product: '' cves: @@ -16484,7 +16484,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ControlUp product: '' cves: @@ -16513,7 +16513,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: COPADATA product: All cves: @@ -16571,7 +16571,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CPanel product: '' cves: @@ -16600,7 +16600,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cradlepoint product: '' cves: @@ -16629,7 +16629,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Crestron product: '' cves: @@ -16687,7 +16687,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CryptShare product: '' cves: @@ -16716,7 +16716,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CyberArk product: Privileged Threat Analytics (PTA) cves: @@ -16776,7 +16776,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CyberRes product: '' cves: @@ -16805,7 +16805,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Daktronics product: All Sport Pro cves: @@ -17417,7 +17417,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dassault Systèmes product: '' cves: @@ -17446,7 +17446,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Databricks product: '' cves: @@ -17475,7 +17475,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datadog product: Datadog Agent cves: @@ -17508,7 +17508,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dataminer product: '' cves: @@ -17537,7 +17537,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datev product: '' cves: @@ -17566,7 +17566,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datto product: '' cves: @@ -17595,7 +17595,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: dCache.org product: '' cves: @@ -17624,7 +17624,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Debian product: '' cves: @@ -17653,7 +17653,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Deepinstinct product: '' cves: @@ -17682,7 +17682,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dell product: '"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"' cves: @@ -25107,7 +25107,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Device42 product: '' cves: @@ -25136,7 +25136,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Devolutions product: All products cves: @@ -25165,7 +25165,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Diebold Nixdorf product: '' cves: @@ -25194,7 +25194,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digi International product: AnywhereUSB Manager cves: @@ -26354,7 +26354,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digital AI product: '' cves: @@ -26383,7 +26383,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digital Alert Systems product: All cves: @@ -26441,7 +26441,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Docker product: '' cves: @@ -26470,7 +26470,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Docusign product: '' cves: @@ -26499,7 +26499,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: DrayTek product: Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform @@ -26558,7 +26558,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dynatrace product: ActiveGate cves: @@ -26819,7 +26819,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Eaton product: Undisclosed cves: @@ -26851,7 +26851,7 @@ software: wall. references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: EclecticIQ product: '' cves: @@ -26880,7 +26880,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Eclipse Foundation product: '' cves: @@ -26909,7 +26909,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Edwards product: '' cves: @@ -26967,7 +26967,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: EGroupware product: '' cves: @@ -26996,7 +26996,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Elastic product: APM Java Agent cves: @@ -27580,7 +27580,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ellucian product: Admin cves: @@ -31036,7 +31036,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ESET product: '' cves: @@ -31065,7 +31065,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ESRI product: ArcGIS Data Store cves: @@ -31280,7 +31280,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Evolveum Midpoint product: '' cves: @@ -31309,7 +31309,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ewon product: '' cves: @@ -31338,7 +31338,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exabeam product: '' cves: @@ -31368,7 +31368,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exact product: '' cves: @@ -31397,7 +31397,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exivity product: '' cves: @@ -31426,7 +31426,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ExtraHop product: Reveal(x) cves: @@ -31487,7 +31487,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Extreme Networks product: '' cves: @@ -31516,7 +31516,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Extron product: '' cves: @@ -31545,7 +31545,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Elements Connector cves: @@ -31574,7 +31574,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Endpoint Proxy cves: @@ -31604,7 +31604,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Messaging Security Gateway cves: @@ -31633,7 +31633,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Policy Manager cves: @@ -31663,7 +31663,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Policy Manager Proxy cves: @@ -31693,7 +31693,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: BIG-IP (all modules) cves: @@ -31723,7 +31723,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: BIG-IQ Centralized Management cves: @@ -31753,7 +31753,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: F5OS cves: @@ -31783,7 +31783,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX App Protect cves: @@ -31813,7 +31813,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Controller cves: @@ -31843,7 +31843,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Ingress Controller cves: @@ -31873,7 +31873,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Instance Manager cves: @@ -31903,7 +31903,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Open Source cves: @@ -31933,7 +31933,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Plus cves: @@ -31963,7 +31963,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Service Mesh cves: @@ -31993,7 +31993,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Unit cves: @@ -32023,7 +32023,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: Traffix SDC cves: @@ -32055,7 +32055,7 @@ software: Kibana), Element Management System' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FAST LTA product: '' cves: @@ -32084,7 +32084,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fastly product: '' cves: @@ -32113,7 +32113,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FedEx product: Ship Manager Software cves: @@ -32210,7 +32210,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileCatalyst product: '' cves: @@ -32239,7 +32239,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileCloud product: '' cves: @@ -32268,7 +32268,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileWave product: '' cves: @@ -32297,7 +32297,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FINVI product: '' cves: @@ -32326,7 +32326,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FireDaemon product: '' cves: @@ -32355,7 +32355,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fisher & Paykel Healthcare product: '' cves: @@ -32413,7 +32413,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Flexera product: '' cves: @@ -32442,7 +32442,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: DLP Manager cves: @@ -32471,7 +32471,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Forcepoint Cloud Security Gateway (CSG) cves: @@ -32500,7 +32500,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Next Generation Firewall (NGFW) cves: @@ -32529,7 +32529,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder @@ -32559,7 +32559,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: One Endpoint cves: @@ -32588,7 +32588,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Security Manager (Web, Email and DLP) cves: @@ -32617,7 +32617,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forescout product: '' cves: @@ -32646,7 +32646,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ForgeRock product: Autonomous Identity cves: @@ -32675,7 +32675,7 @@ software: notes: all other ForgeRock products Not vulnerable references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAIOps cves: @@ -32704,7 +32704,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAnalyzer cves: @@ -32733,7 +32733,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAnalyzer Cloud cves: @@ -32762,7 +32762,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAP cves: @@ -32791,7 +32791,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAuthenticator cves: @@ -32820,7 +32820,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiCASB cves: @@ -32849,7 +32849,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiConvertor cves: @@ -32878,7 +32878,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiDeceptor cves: @@ -32907,7 +32907,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiEDR Agent cves: @@ -32936,7 +32936,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiEDR Cloud cves: @@ -32965,7 +32965,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiGate Cloud cves: @@ -32994,7 +32994,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiGSLB Cloud cves: @@ -33023,7 +33023,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiMail cves: @@ -33052,7 +33052,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiManager cves: @@ -33081,7 +33081,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiManager Cloud cves: @@ -33110,7 +33110,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -33139,7 +33139,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -33168,7 +33168,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiOS (includes FortiGate & FortiWiFi) cves: @@ -33197,7 +33197,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPhish Cloud cves: @@ -33226,7 +33226,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPolicy cves: @@ -33255,7 +33255,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPortal cves: @@ -33284,7 +33284,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiRecorder cves: @@ -33313,7 +33313,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSIEM cves: @@ -33342,7 +33342,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSOAR cves: @@ -33371,7 +33371,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSwicth Cloud in FortiLANCloud cves: @@ -33400,7 +33400,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSwitch & FortiSwitchManager cves: @@ -33429,7 +33429,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiToken Cloud cves: @@ -33458,7 +33458,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiVoice cves: @@ -33487,7 +33487,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiWeb Cloud cves: @@ -33516,7 +33516,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: ShieldX cves: @@ -33545,7 +33545,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FTAPI product: '' cves: @@ -33574,7 +33574,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fujitsu product: '' cves: @@ -33603,7 +33603,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FusionAuth product: FusionAuth cves: @@ -33633,7 +33633,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GE Digital product: '' cves: @@ -33900,7 +33900,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Genesys product: '' cves: @@ -33929,7 +33929,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GeoServer product: '' cves: @@ -33958,7 +33958,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gerrit code review product: '' cves: @@ -33987,7 +33987,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GFI product: '' cves: @@ -34016,7 +34016,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ghidra product: '' cves: @@ -34045,7 +34045,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gigamon product: Fabric Manager cves: @@ -34135,7 +34135,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Globus product: '' cves: @@ -34164,7 +34164,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GoAnywhere product: Gateway cves: @@ -38287,7 +38287,7 @@ software: notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise cves: @@ -38317,7 +38317,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise Build Cache Node cves: @@ -38347,7 +38347,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise Test Distribution Agent cves: @@ -38377,7 +38377,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Grafana product: '' cves: @@ -38406,7 +38406,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Grandstream product: '' cves: @@ -38435,7 +38435,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Access Management cves: @@ -38465,7 +38465,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Access Management cves: @@ -38495,7 +38495,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -38525,7 +38525,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -38555,7 +38555,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: API Management cves: @@ -38585,7 +38585,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: API Management cves: @@ -38615,7 +38615,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Cockpit cves: @@ -38645,7 +38645,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee.io product: '' cves: @@ -38674,7 +38674,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravwell product: '' cves: @@ -38703,7 +38703,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Graylog product: Graylog Server cves: @@ -38733,7 +38733,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GreenShot product: '' cves: @@ -38762,7 +38762,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GSA product: Cloud.gov cves: @@ -38820,7 +38820,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HAProxy product: '' cves: @@ -38849,7 +38849,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HarmanPro AMX product: '' cves: @@ -38878,7 +38878,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Boundary cves: @@ -38907,7 +38907,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Consul cves: @@ -38936,7 +38936,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Consul Enterprise cves: @@ -38965,7 +38965,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Nomad cves: @@ -38994,7 +38994,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Nomad Enterprise cves: @@ -39023,7 +39023,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Packer cves: @@ -39052,7 +39052,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Terraform cves: @@ -39081,7 +39081,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Terraform Enterprise cves: @@ -39110,7 +39110,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vagrant cves: @@ -39139,7 +39139,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vault cves: @@ -39168,7 +39168,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vault Enterprise cves: @@ -39197,7 +39197,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Waypoint cves: @@ -39226,7 +39226,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HCL Software product: BigFix Compliance cves: @@ -39465,7 +39465,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HENIX product: Squash TM cves: @@ -39526,7 +39526,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hikvision product: '' cves: @@ -39555,7 +39555,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hitachi Energy product: 3rd party - Elastic Search, Kibana cves: @@ -39742,7 +39742,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hitachi Energy product: FOXMAN-UN cves: @@ -40149,7 +40149,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HMS Industrial Networks AB product: Cosy, Flexy and Ewon CD cves: @@ -40823,7 +40823,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HP product: Teradici Cloud Access Controller cves: @@ -44204,7 +44204,7 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] @@ -44775,7 +44775,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hubspot product: '' cves: @@ -44804,7 +44804,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: I-Net software product: '' cves: @@ -44833,7 +44833,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: I2P product: '' cves: @@ -44862,7 +44862,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBA-AG product: '' cves: @@ -44891,7 +44891,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ibexa product: '' cves: @@ -44920,7 +44920,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Analytics Engine cves: @@ -45238,7 +45238,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: BigFix Inventory cves: @@ -45269,7 +45269,7 @@ software: of log4j is included. Version is included in the name of the library. references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Block Storage cves: @@ -47999,7 +47999,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Mass Data Migration cves: @@ -48609,7 +48609,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Robotic Process Automation cves: @@ -48811,7 +48811,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Spectrum Archive Library Edition cves: @@ -50464,7 +50464,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IGEL product: '' cves: @@ -50493,7 +50493,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ignite Realtime product: '' cves: @@ -50522,7 +50522,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: iGrafx product: '' cves: @@ -50551,7 +50551,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Illuminated Cloud product: '' cves: @@ -50580,7 +50580,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Illumio product: C-VEN cves: @@ -50986,7 +50986,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Imperva product: '' cves: @@ -51015,7 +51015,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Inductive Automation product: Ignition cves: @@ -51075,7 +51075,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: infinidat product: '' cves: @@ -51104,7 +51104,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: InfluxData product: '' cves: @@ -51133,7 +51133,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Infoblox product: '' cves: @@ -51162,7 +51162,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Informatica product: '' cves: @@ -51191,7 +51191,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Instana product: '' cves: @@ -51220,7 +51220,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Instructure product: '' cves: @@ -51249,7 +51249,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Intel product: Audio Development Kit cves: @@ -51629,7 +51629,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Intland product: codebeamer cves: @@ -51661,7 +51661,7 @@ software: and [21.09](https://codebeamer.com/cb/wiki/19418497), but not yet for [21.04](https://codebeamer.com/cb/wiki/16937839) references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IPRO product: Netgovern cves: @@ -51689,7 +51689,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: iRedMail product: '' cves: @@ -51718,7 +51718,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ironnet product: '' cves: @@ -51747,7 +51747,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ISLONLINE product: '' cves: @@ -51776,7 +51776,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ivanti product: Application Control for Linux cves: @@ -53977,7 +53977,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jamf product: Jamf Pro cves: @@ -54007,7 +54007,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Janitza product: GridVis cves: @@ -54066,7 +54066,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jedox product: '' cves: @@ -54095,7 +54095,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jenkins product: CI/CD Core cves: @@ -54123,7 +54123,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jenkins product: Plugins cves: @@ -54183,7 +54183,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jetbrains product: Code With Me cves: @@ -54213,7 +54213,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Datalore cves: @@ -54243,7 +54243,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Floating license server cves: @@ -54273,7 +54273,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Gateway cves: @@ -54303,7 +54303,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Hub cves: @@ -54333,7 +54333,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, @@ -54365,7 +54365,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Kotlin cves: @@ -54395,7 +54395,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Ktor cves: @@ -54425,7 +54425,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: MPS cves: @@ -54455,7 +54455,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Space cves: @@ -54485,7 +54485,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: TeamCity cves: @@ -54515,7 +54515,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: ToolBox cves: @@ -54545,7 +54545,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: UpSource cves: @@ -54575,7 +54575,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: YouTrack InCloud cves: @@ -54605,7 +54605,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: YouTrack Standalone cves: @@ -54635,7 +54635,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JFROG product: '' cves: @@ -54664,7 +54664,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jitsi product: '' cves: @@ -54693,7 +54693,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jitterbit product: '' cves: @@ -54722,7 +54722,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Johnson Controls product: BCPro cves: @@ -55591,7 +55591,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: jPOS product: (ISO-8583) bridge cves: @@ -55621,7 +55621,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jump Desktop product: '' cves: @@ -55650,7 +55650,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Juniper Networks product: '' cves: @@ -55679,7 +55679,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Justice Systems product: '' cves: @@ -55708,7 +55708,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: K15t product: '' cves: @@ -55737,7 +55737,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: K6 product: '' cves: @@ -55766,7 +55766,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Karakun product: '' cves: @@ -55795,7 +55795,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kaseya product: '' cves: @@ -55824,7 +55824,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Keeper Security product: '' cves: @@ -55853,7 +55853,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: KEMP product: '' cves: @@ -55882,7 +55882,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: KEMP 2 product: '' cves: @@ -55911,7 +55911,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kofax product: '' cves: @@ -55940,7 +55940,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Konica Minolta product: '' cves: @@ -55969,7 +55969,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kronos UKG product: '' cves: @@ -55998,7 +55998,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kyberna product: '' cves: @@ -56027,7 +56027,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: L-Soft product: '' cves: @@ -56056,7 +56056,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: L3Harris Geospatial product: '' cves: @@ -56085,7 +56085,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lancom Systems product: '' cves: @@ -56114,7 +56114,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lansweeper product: '' cves: @@ -56143,7 +56143,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Laserfiche product: '' cves: @@ -56172,7 +56172,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LastPass product: '' cves: @@ -56201,7 +56201,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LaunchDarkly product: '' cves: @@ -56230,7 +56230,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Leanix product: '' cves: @@ -56259,7 +56259,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Leica BIOSYSTEMS product: Aperio AT2 cves: @@ -58439,7 +58439,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Let's Encrypt product: '' cves: @@ -58468,7 +58468,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LibreNMS product: '' cves: @@ -58497,7 +58497,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LifeRay product: '' cves: @@ -58526,7 +58526,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LifeSize product: '' cves: @@ -58555,7 +58555,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lightbend product: '' cves: @@ -58584,7 +58584,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lime CRM product: '' cves: @@ -58613,7 +58613,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LIONGARD product: '' cves: @@ -58642,7 +58642,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LiquidFiles product: '' cves: @@ -58671,7 +58671,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LiveAction product: '' cves: @@ -58700,7 +58700,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Loftware product: '' cves: @@ -58729,7 +58729,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LOGalyze product: SIEM & log analyzer tool cves: @@ -58790,7 +58790,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogicMonitor product: LogicMonitor Platform cves: @@ -58819,7 +58819,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogMeIn product: '' cves: @@ -58848,7 +58848,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogRhythm product: '' cves: @@ -58877,7 +58877,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Looker product: Looker cves: @@ -58912,7 +58912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LucaNet product: '' cves: @@ -58941,7 +58941,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lucee product: '' cves: @@ -58970,7 +58970,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lyrasis product: Fedora Repository cves: @@ -59033,7 +59033,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Maltego product: '' cves: @@ -59062,7 +59062,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ManageEngine product: AD SelfService Plus cves: @@ -59150,7 +59150,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ManageEngine Zoho product: ADAudit Plus cves: @@ -59527,7 +59527,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MathWorks product: All MathWorks general release desktop or server products cves: @@ -59645,7 +59645,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mattermost FocalBoard product: '' cves: @@ -59674,7 +59674,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: McAfee product: Data Exchange Layer (DXL) Client cves: @@ -60550,7 +60550,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MEINBERG product: LANTIME and microSync cves: @@ -60608,7 +60608,7 @@ software: notes: Project is written in Python references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Memurai product: '' cves: @@ -60705,7 +60705,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Application Gateway cves: @@ -60734,7 +60734,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -60764,7 +60764,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -60794,7 +60794,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure DevOps cves: @@ -60823,7 +60823,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure DevOps Server cves: @@ -60853,7 +60853,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Traffic Manager cves: @@ -60882,7 +60882,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Team Foundation Server cves: @@ -60912,7 +60912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microstrategy product: '' cves: @@ -60999,7 +60999,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Milestone sys product: '' cves: @@ -61028,7 +61028,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mimecast product: '' cves: @@ -61057,7 +61057,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Minecraft product: '' cves: @@ -61086,7 +61086,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mirantis product: '' cves: @@ -61115,7 +61115,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Miro product: '' cves: @@ -61144,7 +61144,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mitel product: '' cves: @@ -61173,7 +61173,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MMM Group product: Control software of all MMM series cves: @@ -61261,7 +61261,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Atlas Search cves: @@ -61290,7 +61290,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) @@ -61320,7 +61320,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Drivers cves: @@ -61349,7 +61349,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) @@ -61379,7 +61379,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) cves: @@ -61408,7 +61408,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) @@ -61438,7 +61438,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Moodle product: '' cves: @@ -61467,7 +61467,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MoogSoft product: '' cves: @@ -61496,7 +61496,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Motorola Avigilon product: '' cves: @@ -61587,7 +61587,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mulesoft product: Anypoint Studio cves: @@ -61740,7 +61740,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nagios product: '' cves: @@ -61769,7 +61769,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NAKIVO product: '' cves: @@ -61798,7 +61798,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: National Instruments product: OptimalPlus cves: @@ -61890,7 +61890,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Netcup product: '' cves: @@ -61919,7 +61919,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NetGate PFSense product: '' cves: @@ -61948,7 +61948,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Netwrix product: '' cves: @@ -61977,7 +61977,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: New Relic product: Containerized Private Minion (CPM) cves: @@ -62068,7 +62068,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nextflow product: Nextflow cves: @@ -62156,7 +62156,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NinjaRMM product: '' cves: @@ -62186,7 +62186,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nomachine product: '' cves: @@ -62215,7 +62215,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NoviFlow product: '' cves: @@ -62244,7 +62244,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Backlog cves: @@ -62274,7 +62274,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Backlog Enterprise (On-premises) cves: @@ -62304,7 +62304,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Cacoo cves: @@ -62334,7 +62334,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Cacoo Enterprise (On-premises) cves: @@ -62364,7 +62364,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Typetalk cves: @@ -62394,7 +62394,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nutanix product: AHV cves: @@ -63466,7 +63466,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NXLog product: '' cves: @@ -63495,7 +63495,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Objectif Lune product: '' cves: @@ -63524,7 +63524,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OCLC product: '' cves: @@ -63553,7 +63553,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Octopus product: '' cves: @@ -63582,7 +63582,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Okta product: Advanced Server Access cves: @@ -63932,7 +63932,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Opengear product: '' cves: @@ -63961,7 +63961,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenMRS TALK product: '' cves: @@ -63990,7 +63990,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenNMS product: '' cves: @@ -64019,7 +64019,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenSearch product: '' cves: @@ -64048,7 +64048,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenText product: '' cves: @@ -64325,7 +64325,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PAM cves: @@ -64354,7 +64354,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PEM cves: @@ -64383,7 +64383,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PPA cves: @@ -64412,7 +64412,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OTRS product: '' cves: @@ -64441,7 +64441,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OVHCloud product: '' cves: @@ -64470,7 +64470,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OwnCloud product: '' cves: @@ -64499,7 +64499,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OxygenXML product: Author cves: @@ -64877,6 +64877,2754 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' + - vendor: Palantir + product: Palantir AI Inference Platform (AIP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: Fully remediated as of 1.97.0. Disconnected customer instances may require + manual updates. + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Apollo + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact, and updates have been deployed for full remediation. + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Foundry + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact to Palantir-hosted or Apollo-connected instances, and updates + have been deployed for full remediation. Disconnected customer instances may + require manual updates. + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Gotham + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - All + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact to Palantir-hosted or Apollo-connected instances, and updates + have been deployed for full remediation. Disconnected customer instances may + require manual updates. + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palo-Alto Networks + product: Bridgecrew + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: CloudGenix + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex Data Lake + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex XDR Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex Xpanse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex XSOAR + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Expedition + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: GlobalProtect App + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: IoT Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Okyo Grade + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Palo-Alto Networks-OS for Firewall and Wildfire + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Palo-Alto Networks-OS for Panorama + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '9.0' + - '9.1' + - '10.0' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will + be updated when hot fixes for the affected Panorama versions are available. + PAN-OS for Panorama versions 8.1, 10.1 are not affected. + last_updated: '2021-12-15T00:00:00' + - vendor: Palo-Alto Networks + product: Prisma Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Prisma Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Prisma Cloud Compute + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: SaaS Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: User-ID Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: WildFire Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: WildFire Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Panopto + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PaperCut + product: PaperCut MF + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.0 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.papercut.com/support/known-issues/?id=PO-684#ng + notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted + by this. Workaround manual steps available in reference. Upgrade to PaperCut + NG/MF version 21.2.3 Now Available to resolve. + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: PaperCut + product: PaperCut NG + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.0 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.papercut.com/support/known-issues/?id=PO-684#ng + notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted + by this. Workaround manual steps available in reference. Upgrade to PaperCut + NG/MF version 21.2.3 Now Available to resolve. + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Parallels + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.parallels.com/en/128696 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Parse.ly + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.parse.ly/parse-ly-log4shell/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PBXMonitor + product: RMM for 3CX PBX + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pbxmonitor.net/changelog.php + notes: Mirror Servers were also checked to ensure Log4J was not installed or being + used by any of our systems. + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Pega + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pentaho + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho- + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pepperl+Fuchs + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pepperl-fuchs.com/global/en/29079.htm + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Percona + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.percona.com/blog/log4jshell-vulnerability-update/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pexip + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Phenix Id + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.phenixid.se/uncategorized/log4j-fix/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Philips + product: Multiple products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.philips.com/a-w/security/security-advisories.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PHOENIX CONTACT + product: Cloud Services + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: Partly affected. Remediations are being implemented. + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: PHOENIX CONTACT + product: Physical products containing firmware + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: PHOENIX CONTACT + product: Software Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Ping Identity + product: PingAccess + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.0 <= version <= 6.3.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingCentral + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 8.0 <= version <= 10.3.4 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate Java Integration Kit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 2.7.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate OAuth Playground + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 4.3.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingIntelligence + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pitney Bowes + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Planmeca + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Planon Software + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/ + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Platform.SH + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Plesk + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Plex + product: Plex Industrial IoT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: The product has been updated to Log4j version 2.15. An additional patch + is being developed to update to 2.16. No user interaction is required. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Polycom + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Portainer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PortSwigger + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PostGreSQL + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Postman + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228- + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Power Admin LLC + product: PA File Sight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Power Admin LLC + product: PA Server Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Power Admin LLC + product: PA Storage Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - NONE + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: Pretix + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://pretix.eu/about/de/blog/20211213-log4j/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PrimeKey + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Progress / IpSwitch + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.progress.com/security + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ProofPoint + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2 + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ProSeS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Prosys + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://prosysopc.com/news/important-security-release/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Proxmox + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PRTG Paessler + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PTC + product: Axeda Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 6.9.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358990 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: PTC + product: ThingsWorx Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '8.5' + - '9.0' + - '9.1' + - '9.2' + - All supported versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358901 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: PTC + product: ThingsWorx Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '8.5' + - '9.0' + - '9.1' + - '9.2' + - All supported versions + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ptc.com/en/support/article/CS358901 + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: PTV Group + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Connect Secure (ICS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for secure Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for secure Access + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Connect Secure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Desktop Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Mobile Client + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse One + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Policy Secure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Services Director + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Virtual Traffic Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Web Application Firewall + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse ZTA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Puppet + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pure Storage + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) + notes: This advisory is available for customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pure Storage + product: Cloud Blockstore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - CBS6.1.x + - CBS6.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/27/2021 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Flash Array + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.3.x + - 6.0.x + - 6.1.x + - 6.2.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/20/2021 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: FlashBlade + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.1.x + - 3.2.x + - 3.3.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/24/2021 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: PortWorx + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2.8.0+ + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Pure1 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - N/A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pyramid Analytics + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QF-Test product: '' cves: @@ -64905,7 +67653,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Qlik product: '' cves: @@ -64934,7 +67682,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QMATIC product: Appointment Booking cves: @@ -65083,7 +67831,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QOPPA product: '' cves: @@ -65112,7 +67860,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QSC Q-SYS product: '' cves: @@ -65141,7 +67889,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: QT product: '' cves: @@ -65170,7 +67918,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Quest Global product: '' cves: @@ -65199,7 +67947,2862 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: R + product: R + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 4.1.1 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.r-project.org/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: R2ediviewer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Radware + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.radware.com/app/answers/answer_view/a_id/1029752 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rapid7 + product: AlcidekArt, kAdvisor, and kAudit + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: AppSpider Enterprise + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: AppSpider Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Insight Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightAppSec Scan Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightAppSec Scan Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightCloudSec/DivvyCloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightConnect Orchestrator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightIDR Network Sensor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightIDR/InsightOps Collector & Event Sources + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps DataHub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - InsightOps DataHub <= 2.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) + using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps non-Java logging libraries + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps r7insight_java logging library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <=3.0.8 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM Kubernetes Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” + packaged in them. This is a different library than log4j-core and is not vulnerable + to Log4Shell. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose Engine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” + packaged in them. This is a different library than log4j-core and is not vulnerable + to Log4Shell. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: IntSights virtual appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Logentries DataHub + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: 'Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). + Windows: Run version 1.2.0.822 in a Docker container or as a Java command per + these [instructions](https://docs.logentries.com/docs/datahub-windows). You + can find more details [here](https://docs.logentries.com/docs/datahub-linux).' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Logentries le_java logging library + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 'All versions: this is a deprecated component' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Metasploit Framework + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Metasploit Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Metasploit Pro ships with log4j but has specific configurations applied + to it that mitigate Log4Shell. A future update will contain a fully patched + version of log4j. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: tCell Java Agent + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Velociraptor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - on-prem + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Raritan + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.raritan.com/support + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ravelin + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Real-Time Innovations (RTI) + product: Distributed Logger + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: Recording Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Administration Console + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Code Generator + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Code Generator Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Micro Application Generator (MAG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - as part of RTI Connext Micro 3.0.0 + - 3.0.1 + - 3.0.2 + - 3.0.3 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Micro Application Generator (MAG) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - as part of RTI Connext Professional 6.0.0 and 6.0.1 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Monitor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Red Hat + product: log4j-core + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Integration Camel K + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat build of Quarkus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat CodeReady Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 12.21.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Data Grid + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '8' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Decision Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '6' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '8' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Integration Camel Quarkus + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss A-MQ Streaming + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Enterprise Application Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4)\ + \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ + \ affected." + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Enterprise Application Platform Expansion Pack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Fuse + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Process Automation + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches)\ + \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ + \ affected." + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Single Sign-On + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Vert.X + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '4' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Satellite 5 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Spacewalk + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 3.11 + product: openshift3/ose-logging-elasticsearch5 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-logging-elasticsearch6 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-metering-hive + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-metering-presto + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Logging + product: logging-elasticsearch6-container + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenStack Platform 13 (Queens) + product: opendaylight + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: End of Life + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-java-common-log4j + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-maven35-log4j12 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-maven36-log4j12 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red5Pro + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RedGate + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Redis + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://redis.com/security/notice-apache-log4j2-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Reiner SCT + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ReportURI + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ResMed + product: AirView + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.resmed.com/en-us/security/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: ResMed + product: myAir + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.resmed.com/en-us/security/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Respondus + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.respondus.com/support/index.php?/News/NewsItem/View/339 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Revenera / Flexera + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ricoh + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ricoh.com/info/2021/1215_1/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RingCentral + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ringcentral.com/trust-center/security-bulletin.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Riverbed + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://supportkb.riverbed.com/support/index?page=content&id=S35645 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rockwell Automation + product: FactoryTalk Analytics DataFlowML + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.00.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: FactoryTalk Analytics DataView + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.03.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: Industrial Data Center + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Gen 1 + - Gen 2 + - Gen 3 + - Gen 3.5 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: MES EIG + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 3.03.00 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: Customers should upgrade to EIG Hub if possible or work with their local + representatives about alternative solutions. + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: VersaVirtual + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Series A + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: Warehouse Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 4.01.00 + - 4.02.00 + - 4.02.01 + - 4.02.02 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Rollbar + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://rollbar.com/blog/log4j-zero-day-2021-log4shell/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rosette.com + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager Prime + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager WebTier + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Governance and Lifecycle + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Governance and Lifecycle Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Identity Router + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA Netwitness + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rstudioapi + product: Rstudioapi + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '0.13' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/rstudio/rstudioapi + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Rubrik + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ruckus + product: Virtual SmartZone (vSZ) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 5.1 to 6.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.ruckuswireless.com/security_bulletins/313 + notes: '' + references: + - '' + last_updated: '2021-12-13T00:00:00' + - vendor: RunDeck by PagerDuty + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://docs.rundeck.com/docs/history/CVEs/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Runecast product: Runecast Analyzer cves: @@ -65229,7 +70832,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SAE-IT product: '' cves: @@ -65258,7 +70861,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SAFE FME Server product: '' cves: @@ -65287,7 +70890,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SAGE product: '' cves: @@ -65316,7 +70919,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SailPoint product: '' cves: @@ -65346,7 +70949,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Salesforce product: Analytics Cloud cves: @@ -66319,7 +71922,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SAP product: '' cves: @@ -66438,7 +72041,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SASSAFRAS product: '' cves: @@ -66467,7 +72070,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Savignano software solutions product: '' cves: @@ -66496,7 +72099,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SBT product: SBT cves: @@ -66556,7 +72159,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ScaleFusion MobileLock Pro product: '' cves: @@ -66585,7 +72188,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Schneider Electric product: EASYFIT cves: @@ -67331,7 +72934,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ScreenBeam product: '' cves: @@ -67360,7 +72963,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SDL worldServer product: '' cves: @@ -67389,7 +72992,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Seagull Scientific product: '' cves: @@ -67418,7 +73021,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SecurePoint product: '' cves: @@ -67447,7 +73050,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Security Onion product: '' cves: @@ -67476,7 +73079,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Securonix product: Extended Detection and Response (XDR) cves: @@ -67655,7 +73258,7 @@ software: by CISA. references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SentinelOne product: '' cves: @@ -67684,7 +73287,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sentry product: '' cves: @@ -67713,7 +73316,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SEP product: '' cves: @@ -67742,7 +73345,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Server Eye product: '' cves: @@ -67771,7 +73374,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ServiceNow product: '' cves: @@ -67800,7 +73403,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Shibboleth product: '' cves: @@ -67829,7 +73432,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Shibboleth product: All Products cves: @@ -67889,7 +73492,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Siebel product: '' cves: @@ -67918,7 +73521,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Siemens product: Affected Products cves: @@ -69125,7 +74728,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sierra Wireless product: AirVantage and Octave cloud platforms cves: @@ -69213,7 +74816,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Silver Peak product: Orchestrator, Silver Peak GMS cves: @@ -69275,7 +74878,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SISCO product: '' cves: @@ -69333,7 +74936,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Skillable product: '' cves: @@ -69362,7 +74965,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SLF4J product: '' cves: @@ -69391,7 +74994,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Slurm product: Slurm cves: @@ -69479,7 +75082,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SmileCDR product: '' cves: @@ -69508,7 +75111,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sn0m product: '' cves: @@ -69537,7 +75140,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Snakemake product: Snakemake cves: @@ -69597,7 +75200,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Snow Software product: VM Access Proxy cves: @@ -69627,7 +75230,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Snowflake product: '' cves: @@ -69656,7 +75259,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Snyk product: Cloud Platform cves: @@ -69685,7 +75288,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Software AG product: '' cves: @@ -69714,7 +75317,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SolarWinds product: Database Performance Analyzer (DPA) cves: @@ -69835,7 +75438,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sonatype product: All Products cves: @@ -70777,7 +76380,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spacelabs Healthcare product: ABP cves: @@ -71375,7 +76978,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spigot product: '' cves: @@ -71404,7 +77007,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Splunk product: Data Stream Processor cves: @@ -72076,7 +77679,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spring product: Spring Boot cves: @@ -72106,7 +77709,7 @@ software: switched the default logging system to Log4J2 references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spring Boot product: '' cves: @@ -72135,7 +77738,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StarDog product: '' cves: @@ -72164,7 +77767,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: STERIS product: Advantage cves: @@ -73701,7 +79304,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Storagement product: '' cves: @@ -73730,7 +79333,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StormShield product: '' cves: @@ -73759,7 +79362,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StrangeBee TheHive & Cortex product: '' cves: @@ -73788,7 +79391,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Stratodesk product: '' cves: @@ -73817,7 +79420,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Strimzi product: '' cves: @@ -73846,7 +79449,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Stripe product: '' cves: @@ -73875,7 +79478,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Styra product: '' cves: @@ -73904,7 +79507,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sumologic product: '' cves: @@ -73933,7 +79536,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SumoLogic product: '' cves: @@ -73962,7 +79565,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Superna EYEGLASS product: '' cves: @@ -73991,7 +79594,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Suprema Inc product: '' cves: @@ -74020,7 +79623,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SUSE product: '' cves: @@ -74049,7 +79652,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sweepwidget product: '' cves: @@ -74078,7 +79681,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Swyx product: '' cves: @@ -74107,7 +79710,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synchro MSP product: '' cves: @@ -74136,7 +79739,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Syncplify product: '' cves: @@ -74165,7 +79768,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synology product: '' cves: @@ -74194,7 +79797,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synopsys product: '' cves: @@ -74223,7 +79826,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Syntevo product: '' cves: @@ -74252,7 +79855,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SysAid product: '' cves: @@ -74281,7 +79884,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sysdig product: '' cves: @@ -74310,7 +79913,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tableau product: Tableau Bridge cves: @@ -74567,7 +80170,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tanium product: All cves: @@ -74626,7 +80229,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TeamPasswordManager product: '' cves: @@ -74655,7 +80258,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Teamviewer product: '' cves: @@ -74684,7 +80287,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tech Software product: OneAegis (f/k/a IRBManager) cves: @@ -74803,7 +80406,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Telestream product: '' cves: @@ -74832,7 +80435,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tenable product: Tenable.io / Nessus cves: @@ -74862,7 +80465,7 @@ software: to CVE-2021-44228 or CVE-2021-45046 at this time references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Thales product: CADP/SafeNet Protect App (PA) - JCE cves: @@ -76698,7 +82301,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ThycoticCentrify product: Account Lifecycle Manager cves: @@ -76997,7 +82600,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Top Gun Technology (TGT) product: '' cves: @@ -77026,7 +82629,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TopDesk product: '' cves: @@ -77055,7 +82658,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Topicus Security product: Topicus KeyHub cves: @@ -77114,7 +82717,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tosibox product: '' cves: @@ -77143,7 +82746,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TPLink product: Omega Controller cves: @@ -77204,7 +82807,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tricentis Tosca product: '' cves: @@ -77233,7 +82836,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tridium product: '' cves: @@ -77531,7 +83134,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TrueNAS product: '' cves: @@ -77560,7 +83163,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tufin product: '' cves: @@ -77589,7 +83192,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TYPO3 product: '' cves: @@ -77618,7 +83221,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ubiquiti product: UniFi Network Application cves: @@ -77648,7 +83251,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ubiquiti product: UniFi Network Controller cves: @@ -77708,7 +83311,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: UiPath product: InSights cves: @@ -77767,7 +83370,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: UniFlow product: '' cves: @@ -77796,7 +83399,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Unify ATOS product: '' cves: @@ -77825,7 +83428,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Unimus product: '' cves: @@ -77854,7 +83457,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: USSIGNAL MSP product: '' cves: @@ -77883,7 +83486,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Varian product: Acuity cves: @@ -79113,7 +84716,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Varnish Software product: '' cves: @@ -79142,7 +84745,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Varonis product: '' cves: @@ -79171,7 +84774,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Veeam product: '' cves: @@ -79200,7 +84803,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Venafi product: '' cves: @@ -79229,7 +84832,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Veritas NetBackup product: '' cves: @@ -79258,7 +84861,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Vertica product: '' cves: @@ -79346,7 +84949,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: VMware product: API Portal for VMware Tanzu cves: @@ -80598,7 +86201,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wasp Barcode technologies product: '' cves: @@ -80627,7 +86230,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: Secplicity cves: @@ -80656,7 +86259,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Western Digital product: '' cves: @@ -80685,7 +86288,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WIBU Systems product: CodeMeter Cloud Lite cves: @@ -80774,7 +86377,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WireShark product: '' cves: @@ -80803,7 +86406,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wistia product: '' cves: @@ -80832,7 +86435,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WitFoo product: '' cves: @@ -80861,7 +86464,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WordPress product: '' cves: @@ -80890,7 +86493,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Worksphere product: '' cves: @@ -80919,7 +86522,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wowza product: '' cves: @@ -80948,7 +86551,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WSO2 product: WSO2 Enterprise Integrator cves: @@ -80978,7 +86581,7 @@ software: notes: A temporary mitigation is available while vendor works on update references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XCP-ng product: '' cves: @@ -81007,7 +86610,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XenForo product: '' cves: @@ -81036,7 +86639,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Xerox product: '' cves: @@ -81065,7 +86668,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XPertDoc product: '' cves: @@ -81094,7 +86697,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XPLG product: '' cves: @@ -81123,7 +86726,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XWIKI product: '' cves: @@ -81152,7 +86755,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Xylem product: Aquatalk cves: @@ -81651,7 +87254,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: YellowFin product: '' cves: @@ -81680,7 +87283,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: YOKOGAWA product: '' cves: @@ -81738,7 +87341,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zabbix product: '' cves: @@ -81767,7 +87370,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ZAMMAD product: '' cves: @@ -81796,7 +87399,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zaproxy product: '' cves: @@ -81825,7 +87428,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zebra product: '' cves: @@ -81854,7 +87457,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zendesk product: All Products cves: @@ -81915,7 +87518,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zentera Systems, Inc. product: CoIP Access Platform cves: @@ -81974,7 +87577,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zesty product: '' cves: @@ -82003,7 +87606,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zimbra product: '' cves: @@ -82032,7 +87635,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zix product: '' cves: @@ -82090,7 +87693,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ZPE systems Inc product: '' cves: @@ -82119,7 +87722,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zscaler product: See Link (Multiple Products) cves: @@ -82177,7 +87780,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zyxel product: Security Firewall/Gateways cves: From 4b2427464835a2d72dbdd3a376dbce07f42e71dd Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Tue, 25 Jan 2022 14:48:05 -0500 Subject: [PATCH 07/10] Fix line length --- data/cisagov_W.yml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/data/cisagov_W.yml b/data/cisagov_W.yml index 158e9ee..31996e3 100644 --- a/data/cisagov_W.yml +++ b/data/cisagov_W.yml @@ -239,7 +239,9 @@ software: - 'All' vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 - notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender + components, however, JMSAppender is deactivated in the release package and not affected by + CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' @@ -272,7 +274,9 @@ software: - 'All' vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 - notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender + components, however, JMSAppender is deactivated in the release package and not affected by + CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' @@ -305,7 +309,9 @@ software: - 'All' vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 - notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender + components, however, JMSAppender is deactivated in the release package and not affected by + CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' From 1b09d6cac21127dca34906d0d35276967c925ad7 Mon Sep 17 00:00:00 2001 From: cisagovbot <65734717+cisagovbot@users.noreply.github.com> Date: Tue, 25 Jan 2022 19:58:48 +0000 Subject: [PATCH 08/10] Update the software list --- SOFTWARE-LIST.md | 9 +- data/cisagov.yml | 264 ++++++++++++++++++++++++++++++++++++-- data/cisagov_W.yml | 311 +++++++++++++++++++++++---------------------- 3 files changed, 419 insertions(+), 165 deletions(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index fdf75df..231f55a 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -2939,7 +2939,14 @@ NOTE: This file is automatically generated. To submit updates, please refer to | Western Digital | | | | Unknown | [link](https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | WIBU Systems | CodeMeter Cloud Lite | 2.2 and prior | | Affected | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | WIBU Systems | CodeMeter Keyring for TIA Portal | 1.30 and prior | | Affected | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | Only the Password Manager is affected | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | -| WindRiver | | | | Unknown | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Wind River | LTS17 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 | +| Wind River | LTS18 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 | +| Wind River | LTS19 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 | +| Wind River | LTS21 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Wind River | WRL-6 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 | +| Wind River | WRL-7 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 | +| Wind River | WRL-8 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 | +| Wind River | WRL-9 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 | | WireShark | | | | Unknown | [link](https://gitlab.com/wireshark/wireshark/-/issues/17783) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Wistia | | | | Unknown | [link](https://status.wistia.com/incidents/jtg0dfl5l224) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | WitFoo | | | | Unknown | [link](https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | diff --git a/data/cisagov.yml b/data/cisagov.yml index b0f11e7..371fd39 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -86349,35 +86349,279 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: WindRiver - product: '' + - vendor: Wind River + product: LTS17 cves: cve-2021-4104: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45046: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45105: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: LTS18 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: LTS19 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: LTS21 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Wind River + product: WRL-6 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 + and JMSAppender components, however, JMSAppender is deactivated in the release + package and not affected by CVE-2021-4104 customers are advised to NOT manually + activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-7 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 + and JMSAppender components, however, JMSAppender is deactivated in the release + package and not affected by CVE-2021-4104 customers are advised to NOT manually + activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-8 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 + and JMSAppender components, however, JMSAppender is deactivated in the release + package and not affected by CVE-2021-4104 customers are advised to NOT manually + activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-9 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' - vendor: WireShark product: '' cves: diff --git a/data/cisagov_W.yml b/data/cisagov_W.yml index 0093ec2..b2629d1 100644 --- a/data/cisagov_W.yml +++ b/data/cisagov_W.yml @@ -210,144 +210,6 @@ software: references: - '' last_updated: '2021-12-22T00:00:00' - - vendor: Wind River - product: WRL-6 - cves: - cve-2021-4104: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45105: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - vendor_links: - - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 - notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender - components, however, JMSAppender is deactivated in the release package and not affected by - CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. - references: - - '' - last_updated: '2022-01-21T00:00:00' - - vendor: Wind River - product: WRL-7 - cves: - cve-2021-4104: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45105: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - vendor_links: - - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 - notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender - components, however, JMSAppender is deactivated in the release package and not affected by - CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. - references: - - '' - last_updated: '2022-01-21T00:00:00' - - vendor: Wind River - product: WRL-8 - cves: - cve-2021-4104: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45105: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - vendor_links: - - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 - notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender - components, however, JMSAppender is deactivated in the release package and not affected by - CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. - references: - - '' - last_updated: '2022-01-21T00:00:00' - - vendor: Wind River - product: WRL-9 - cves: - cve-2021-4104: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - cve-2021-45105: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - 'All' - vendor_links: - - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 - notes: '' - references: - - '' - last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: LTS17 cves: @@ -356,25 +218,25 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' @@ -389,25 +251,25 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' @@ -422,25 +284,25 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' @@ -455,31 +317,172 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Wind River + product: WRL-6 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 + and JMSAppender components, however, JMSAppender is deactivated in the release + package and not affected by CVE-2021-4104 customers are advised to NOT manually + activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-7 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 + and JMSAppender components, however, JMSAppender is deactivated in the release + package and not affected by CVE-2021-4104 customers are advised to NOT manually + activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-8 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 + and JMSAppender components, however, JMSAppender is deactivated in the release + package and not affected by CVE-2021-4104 customers are advised to NOT manually + activate the JMSAppender component. + references: + - '' + last_updated: '2022-01-21T00:00:00' + - vendor: Wind River + product: WRL-9 + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + vendor_links: + - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 + notes: '' + references: + - '' + last_updated: '2022-01-21T00:00:00' - vendor: WireShark product: '' cves: From 43603ca4f81c606c94bf19e51f9dcb289cd20fcf Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:20:04 -0500 Subject: [PATCH 09/10] Fix line length --- data/cisagov_S.yml | 85 ++++++++++++++++++++++++++++++++++------------ 1 file changed, 64 insertions(+), 21 deletions(-) diff --git a/data/cisagov_S.yml b/data/cisagov_S.yml index 936e184..7fc98d8 100644 --- a/data/cisagov_S.yml +++ b/data/cisagov_S.yml @@ -146,7 +146,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -175,7 +177,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to address + the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -204,7 +208,10 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228 + and CVE-2021-45046. Salesforce-owned services and third-party vendors + have been patched to address the issues currently identified in + CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -262,7 +269,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -291,7 +300,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Data.com was affected by CVE-2021-44228 and CVE-2021-45046.  Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -350,7 +361,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -408,9 +421,13 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. - -The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader.' + notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. + The Data Loader tool has been patched to address the issues currently identified + in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader + version 53.0.2 or later. Follow the steps described here to download the latest + version of Data Loader. references: - '' last_updated: '2021-12-15T00:00:00' @@ -439,7 +456,8 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046.' + notes: Heroku is reported to not be affected by the issues currently + identified in CVE-2021-44228 or CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -468,7 +486,10 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046.' + notes: Salesforce-owned services within Marketing Cloud are not affected + by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. + Third-party vendors have been patched to address the security issues currently + identified in CVE-2021-44228 or CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -497,7 +518,10 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here.' + notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. + Mulesoft services, including dataloader.io, have been updated to mitigate + the issues currently identified in CVE-2021-44228 and CVE-2021-45046. + Please see additional details here. references: - '' last_updated: '2021-12-15T00:00:00' @@ -526,7 +550,11 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here.' + notes: 'MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors, including Private Cloud + Edition (PCE) and Anypoint Studio, have a mitigation in place to address the + issues currently identified in CVE-2021-44228 and CVE-2021-45046. + Please see additional details here. references: - '' last_updated: '2021-12-15T00:00:00' @@ -555,7 +583,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -584,7 +614,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -613,7 +645,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -642,7 +676,10 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here.' + notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. + Additional details are available here. references: - '' last_updated: '2021-12-15T00:00:00' @@ -671,7 +708,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -701,7 +740,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell - notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. + notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. + Patches to address the issues currently identified in both CVE-2021-44228 and + CVE-2021-45046 are available for download. Additional details are available here. references: - '' last_updated: '2021-12-16T00:00:00' @@ -730,7 +771,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046.' + notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. + Services have been patched to mitigate the issues currently identified in + both CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -9064,4 +9107,4 @@ The Data Loader tool has been patched to address the issues currently identified references: - '' last_updated: '2022-01-12T07:18:56+00:00' -... \ No newline at end of file +... From d8c4b4ce608e9fb775c6f92c20bef4b0a4518c52 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:26:21 -0500 Subject: [PATCH 10/10] Fixed line lentgth, and extra quote mark --- data/cisagov_S.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/data/cisagov_S.yml b/data/cisagov_S.yml index 8959d90..4810e97 100644 --- a/data/cisagov_S.yml +++ b/data/cisagov_S.yml @@ -240,7 +240,10 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here.' + notes: ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to address the + issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details + are available here. references: - '' last_updated: '2021-12-15T00:00:00' @@ -392,7 +395,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to address the issues + currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -550,7 +555,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. + notes: MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.