mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-25 09:50:47 +00:00
Update the software list
This commit is contained in:
parent
c29b5e2bac
commit
7cfadd6eff
2 changed files with 551 additions and 26 deletions
|
@ -22,7 +22,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
|
||||
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
|
||||
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
|
||||
| 1Password | All products | | | Unknown | [link](https://support.1password.com/kb/202112/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
|
||||
| 1Password | All products | | | Not Affected | [link](https://support.1password.com/kb/202112/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-01-14 |
|
||||
| 2n | | | | Unknown | [link](https://www.2n.com/cs_CZ/novinky/produkty-2n-neohrozuje-zranitelnost-cve-2021-44228-komponenty-log4j-2) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| 3CX | | | | Unknown | [link](https://www.3cx.com/community/threads/log4j-vulnerability-cve-2021-44228.86436/#post-407911) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| 3M Health Information Systems | CGS | | | Unknown | [link](https://support.3mhis.com/app/account/updates/ri/5210) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
|
@ -150,6 +150,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Atlassian | Fisheye | | | Not Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Atlassian | Jira Server & Data Center | | | Not Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Attivo networks | | | | Unknown | [link](https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Atvise | All | | | Not Affected | [link](https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen) | The security vulnerability does NOT affect our applications and products or pose any threat. This applies to all Bachmann applications and products, including atvise solutions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| AudioCodes | | | | Unknown | [link](https://services.audiocodes.com/app/answers/kbdetail/a_id/2225) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Autodesk | | | | Unknown | [link](https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html) | Autodesk is continuing to perform a thorough investigation in relation to the recently discovered Apache Log4j security vulnerabilities. We continue to implement several mitigating factors for our products including patching, network firewall blocks, and updated detection signatures to reduce the threat of this vulnerability and enhance our ability to quickly respond to potential malicious activity. We have not identified any compromised systems in the Autodesk environment due to this vulnerability, at this time. This is an ongoing investigation and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
|
||||
| Automox | | | | Unknown | [link](https://blog.automox.com/log4j-critical-vulnerability-scores-a-10) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
@ -1771,7 +1772,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| iRedMail | | | | Unknown | [link](https://forum.iredmail.org/topic18605-log4j-cve202144228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Ironnet | | | | Unknown | [link](https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| ISLONLINE | | | | Unknown | [link](https://blog.islonline.com/2021/12/13/isl-online-is-not-affected-by-log4shell-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Ivanti | | | | Unknown | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Ivanti | Avalanche | 6.2.2, 6.3.0 to 6.3.3 | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
| Ivanti | Ivanti File Director | 2019.1.*, 2020.1.*, 2020.3.*, 2021.1.*, 4.4.* | 2021.3 HF2, 2021.1 HF1, 2020.3 HF2 | Fixed | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
| Ivanti | MobileIron Core | All | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Core. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
| Ivanti | MobileIron Core Connector | All | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Core Connector. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
| Ivanti | MobileIron Sentry (Core/Cloud) | 9.13, 9.14 | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Sentry. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
| Jamasoftware | | | | Unknown | [link](https://community.jamasoftware.com/communities/community-home/digestviewer/viewthread?MessageKey=06d26f9c-2abe-4c10-93d4-c0f6c8a01b22&CommunityKey=c9d20d4c-5bb6-4f19-92eb-e7cee0942d51&tab=digestviewer#bm06d26f9c-2abe-4c10-93d4-c0f6c8a01b22) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Jamf | Jamf Pro | 10.31.0 – 10.34.0 | | Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Janitza | GridVis | | | Not Affected | [link](https://www.janitza.com/us/gridvis-download.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||
|
@ -1962,8 +1967,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
|
||||
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| MathWorks | All MathWorks general release desktop or server products | | | Unknown | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-29 |
|
||||
| MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
|
||||
| Matillion | Matillion ETL | | 1.59.10+ | Fixed | [link](https://documentation.matillion.com/docs/security-advisory-14th-december-2021) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-11-01 |
|
||||
| Matomo | | | | Unknown | [link](https://forum.matomo.org/t/matomo-is-not-concerned-by-the-log4j-security-breach-cve-2021-44228-discovered-on-december-2021-the-9th/44089) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Mattermost FocalBoard | | | | Unknown | [link](https://forum.mattermost.org/t/log4j-vulnerability-concern/12676) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
@ -2043,8 +2048,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| N-able | | | | Unknown | [link](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Nagios | | | | Unknown | [link](https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| NAKIVO | | | | Unknown | [link](https://forum.nakivo.com/index.php?/topic/7574-log4j-cve-2021-44228/&do=findComment&comment=9145) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| National Instruments | OptimalPlus | -, L, i, m, i, t, e, d, , t, o, , d, e, p, l, o, y, m, e, n, t, s, , r, u, n, n, i, n, g, , V, e, r, t, i, c, a, ,, , C, l, o, u, d, e, r, a, ,, , o, r, , L, o, g, s, t, a, s, h | | Affected | [link](https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html) | (Limited to deployments running Vertica, Cloudera, or Logstash) Contact Technical Support | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||
| Neo4j | Neo4j Graph Database | Version >4.2, <4..2.12 | | Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
|
||||
| National Instruments | OptimalPlus | Vertica, Cloudera, Logstash | | Affected | [link](https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html) | (Limited to deployments running Vertica, Cloudera, or Logstash) Contact Technical Support | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||
| Neo4j | Neo4j Graph Database | >4.2, <4..2.12 | | Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
|
||||
| Netapp | Multiple NetApp products | | | Unknown | [link](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| Netcup | | | | Unknown | [link](https://www.netcup-news.de/2021/12/14/pruefung-log4j-sicherheitsluecken-abgeschlossen/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| NetGate PFSense | | | | Unknown | [link](https://forum.netgate.com/topic/168417/java-log4j-vulnerability-is-pfsense-affected/35) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
@ -2184,6 +2189,16 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| Salesforce | Social Studio | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Salesforce | Tableau (On-Premise) | | < 2021.4.1 | Fixed | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | Fixed in 2021.4.1 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
||||
| Salesforce | Tableau (Online) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
||||
| Samsung Electronics America | Knox Admin Portal | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox Asset Intelligence | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox Configure | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox E-FOTA One | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox Guard | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox License Management | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox Manage | | Cloud | Fixed | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox Managed Services Provider (MSP) | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox Mobile Enrollment | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Samsung Electronics America | Knox Reseller Portal | | Cloud | Fixed | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Sangoma | | | | Unknown | [link](https://help.sangoma.com/community/s/article/Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
| SAP | | | | Unknown | [link](https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| SAP Advanced Platform | | | | Unknown | [link](https://launchpad.support.sap.com/#/notes/3130698) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
|
@ -2659,6 +2674,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
|||
| VMware | VMware vRealize Orchestrator | 8.x, 7.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| VMware | VMware Workspace ONE Access | 21.x, 20.10.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| VMware | VMware Workspace ONE Access Connector (VMware Identity Manager Connector) | 21.x, 20.10.x, 19.03.0.1 | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
|
||||
| VTScada | All | | | Not Affected | [link](https://www.vtscada.com/vtscada-unaffected-by-log4j/) | Java is not utilized within VTScada software, and thus our users are unaffected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
|
||||
| Vyaire | | | | Unknown | [link](https://www.vyaire.com/sites/us/files/2021-12/2021-12-15-product-security-bulletin-for-log4shell-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||
| WAGO | WAGO Smart Script | 4.2.x < 4.8.1.3 | | Affected | [link](https://www.wago.com/de/automatisierungstechnik/psirt#log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
||||
| Wallarm | | | | Unknown | [link](https://lab.wallarm.com/cve-2021-44228-mitigation-update/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||
|
|
549
data/cisagov.yml
549
data/cisagov.yml
|
@ -8,31 +8,35 @@ software:
|
|||
product: All products
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
unaffected_versions:
|
||||
- '>= 1.0.0'
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
unaffected_versions:
|
||||
- '>= 1.0.0'
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
unaffected_versions:
|
||||
- '>= 1.0.0'
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
unaffected_versions:
|
||||
- '>= 1.0.0'
|
||||
vendor_links:
|
||||
- https://support.1password.com/kb/202112/
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-23T00:00:00'
|
||||
last_updated: '2021-01-14T00:00:00'
|
||||
- vendor: 2n
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -3851,6 +3855,38 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:50+00:00'
|
||||
- vendor: Atvise
|
||||
product: All
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen
|
||||
notes: The security vulnerability does NOT affect our applications and products
|
||||
or pose any threat. This applies to all Bachmann applications and products,
|
||||
including atvise solutions.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: AudioCodes
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -51710,7 +51746,7 @@ software:
|
|||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
- vendor: Ivanti
|
||||
product: ''
|
||||
product: Avalanche
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
|
@ -51718,17 +51754,19 @@ software:
|
|||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 6.2.2
|
||||
- 6.3.0 to 6.3.3
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: false
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
|
@ -51737,7 +51775,135 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-18T00:00:00'
|
||||
- vendor: Ivanti
|
||||
product: Ivanti File Director
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- 2019.1.*
|
||||
- 2020.1.*
|
||||
- 2020.3.*
|
||||
- 2021.1.*
|
||||
- 4.4.*
|
||||
fixed_versions:
|
||||
- 2021.3 HF2
|
||||
- 2021.1 HF1
|
||||
- 2020.3 HF2
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-18T00:00:00'
|
||||
- vendor: Ivanti
|
||||
product: MobileIron Core
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- All
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
|
||||
notes: See Advisory details for mitigation instructions for MobileIron Core.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-18T00:00:00'
|
||||
- vendor: Ivanti
|
||||
product: MobileIron Core Connector
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- All
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
|
||||
notes: See Advisory details for mitigation instructions for MobileIron Core Connector.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-18T00:00:00'
|
||||
- vendor: Ivanti
|
||||
product: MobileIron Sentry (Core/Cloud)
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- '9.13'
|
||||
- '9.14'
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
|
||||
notes: See Advisory details for mitigation instructions for MobileIron Sentry.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-18T00:00:00'
|
||||
- vendor: Jamasoftware
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -57338,7 +57504,7 @@ software:
|
|||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: false
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
|
@ -57357,7 +57523,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-12T07:18:54+00:00'
|
||||
last_updated: '2022-01-18T00:00:00'
|
||||
- vendor: MathWorks
|
||||
product: MATLAB
|
||||
cves:
|
||||
|
@ -57387,7 +57553,7 @@ software:
|
|||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-29T00:00:00'
|
||||
last_updated: '2022-01-18T00:00:00'
|
||||
- vendor: Matillion
|
||||
product: Matillion ETL
|
||||
cves:
|
||||
|
@ -59705,7 +59871,10 @@ software:
|
|||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: -Limited to deployments running Vertica, Cloudera, or Logstash
|
||||
affected_versions:
|
||||
- Vertica
|
||||
- Cloudera
|
||||
- Logstash
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
|
@ -59736,7 +59905,7 @@ software:
|
|||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions:
|
||||
- Version >4.2
|
||||
- '>4.2'
|
||||
- <4..2.12
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
|
@ -63874,6 +64043,316 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-15T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox Admin Portal
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox Asset Intelligence
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox Configure
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox E-FOTA One
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox Guard
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox License Management
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox Manage
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions:
|
||||
- Cloud
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions:
|
||||
- Cloud
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox Managed Services Provider (MSP)
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox Mobile Enrollment
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Samsung Electronics America
|
||||
product: Knox Reseller Portal
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions:
|
||||
- Cloud
|
||||
unaffected_versions: []
|
||||
cve-2021-45046:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions:
|
||||
- Cloud
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: false
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
|
||||
notes: ''
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Sangoma
|
||||
product: ''
|
||||
cves:
|
||||
|
@ -78004,6 +78483,36 @@ software:
|
|||
references:
|
||||
- ''
|
||||
last_updated: '2021-12-12T00:00:00'
|
||||
- vendor: VTScada
|
||||
product: All
|
||||
cves:
|
||||
cve-2021-4104:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-44228:
|
||||
investigated: true
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions:
|
||||
- All
|
||||
cve-2021-45046:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
cve-2021-45105:
|
||||
investigated: ''
|
||||
affected_versions: []
|
||||
fixed_versions: []
|
||||
unaffected_versions: []
|
||||
vendor_links:
|
||||
- https://www.vtscada.com/vtscada-unaffected-by-log4j/
|
||||
notes: Java is not utilized within VTScada software, and thus our users are unaffected.
|
||||
references:
|
||||
- ''
|
||||
last_updated: '2022-01-17T00:00:00'
|
||||
- vendor: Vyaire
|
||||
product: ''
|
||||
cves:
|
||||
|
|
Loading…
Reference in a new issue