Revert "Update cisagov_C.yml"

2024-11-22 08:30:48 +00:00 · 2022-02-14 16:38:27 -05:00 · 2022-02-14 16:38:27 -05:00 · 79616e8d66
commit 79616e8d66
parent 3cb2604c96
1 changed files with 138 additions and 121 deletions
--- a/data/cisagov_C.yml
+++ b/data/cisagov_C.yml
@ -4588,20 +4588,22 @@ software:
        unaffected_versions:
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4620,20 +4622,22 @@ software:
        unaffected_versions:
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4646,26 +4650,27 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4678,31 +4683,32 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
  - vendor: Citrix
-    product: Citrix Content Collaboration (ShareFile Integration)–Citrix Files for
+    product: Citrix Content Collaboration (ShareFile Integration) – Citrix Files for
      Windows, Citrix Files for Mac, Citrix Files for Outlook
    cves:
      cve-2021-4104:
@ -4711,26 +4717,27 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4743,32 +4750,31 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
          - '10.14 RP2'
          - '10.13 RP5'
          - '10.12 RP10'
        unaffected_versions: []
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
          - '10.14 RP2'
          - '10.13 RP5'
          - '10.12 RP10'
        unaffected_versions: []
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
-        fixed_versions:
+        fixed_versions: []
          - '10.14 RP3'
          - '10.13 RP6'
          - '10.12 RP11'
        unaffected_versions: []
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: 'For CVE-2021-44228 and CVE-2021-45046: Impacted–Customers are advised
      to apply the latest CEM rolling patch updates listed below as soon as possible
      to reduce the risk of exploitation. [XenMobile Server 10.14 RP2](https://support.citrix.com/article/CTX335763);
      [XenMobile Server 10.13 RP5](https://support.citrix.com/article/CTX335753);
      and [XenMobile Server 10.12 RP10](https://support.citrix.com/article/CTX335785).
      Note: Customers who have upgraded their XenMobile Server to the updated versions
      are recommended not to apply the responder policy mentioned in the blog listed
      below to the Citrix ADC vserver in front of the XenMobile Server as it may impact
      the enrollment of Android devices. For CVE-2021-45105: Investigation in progress.'
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4781,26 +4787,27 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4813,26 +4820,27 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4851,20 +4859,22 @@ software:
        unaffected_versions:
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4877,26 +4887,30 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions:
          - 'Linux Virtual Delivery Agent 2112'
        unaffected_versions: []
      cve-2021-45046:
        investigated: true
        affected_versions: []
        fixed_versions:
          - 'Linux Virtual Delivery Agent 2112'
        unaffected_versions: []
      cve-2021-45105:
        investigated: true
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
-          - All Platforms
+      cve-2021-45046:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
      cve-2021-45105:
        investigated: false
        affected_versions: []
        fixed_versions: []
        unaffected_versions: []
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: 'IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046:
      Customers are advised to apply the latest update as soon as possible to reduce
      the risk of exploitation. [Linux Virtual Delivery Agent 2112](https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/components/linux-vda-2112.html).
      See the [Citrix Statement](https://support.citrix.com/article/CTX335705) for
      additional mitigations. For CVE-2021-45105: Investigation has shown that Linux
      VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30,
      released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED:
      Linux VDA LTSR all versions; All other CVAD components.'
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4915,20 +4929,22 @@ software:
        unaffected_versions:
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'
@ -4941,26 +4957,27 @@ software:
        fixed_versions: []
        unaffected_versions: []
      cve-2021-44228:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45046:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
      cve-2021-45105:
-        investigated: true
+        investigated: false
        affected_versions: []
        fixed_versions: []
-        unaffected_versions:
+        unaffected_versions: []
          - All Platforms
    vendor_links:
      - https://support.citrix.com/article/CTX335705
-    notes: ''
+    notes: Citrix continues to investigate any potential impact on Citrix-managed
      cloud services. If, as the investigation continues, any Citrix-managed services
      are found to be affected by this issue, Citrix will take immediate action to
      remediate the problem. Customers using Citrix-managed cloud services do not
      need to take any action.
    references:
      - ''
    last_updated: '2021-12-21T00:00:00'