mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-25 09:50:47 +00:00
Merge branch 'develop' into update-G
This commit is contained in:
commit
7f3466fa17
3 changed files with 498 additions and 19 deletions
|
@ -3064,10 +3064,25 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Xylem | Water Loss Management (Visenti) | | | Unknown | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| Xylem | Water Loss Management (Visenti) | | | Unknown | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
| Xylem | Xylem Cloud | | | Unknown | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| Xylem | Xylem Cloud | | | Unknown | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
| Xylem | Xylem Edge Gateway (xGW) | | | Unknown | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| Xylem | Xylem Edge Gateway (xGW) | | | Unknown | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| Yahoo | Vespa | | | Not Affected | [link](https://blog.vespa.ai/log4j-vulnerability/) | Your Vespa application may still be affected if log4j is included in your application package. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Yellowbrick | | | | Unknown | [link](https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Yellowbrick | | | | Unknown | [link](https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| YellowFin | | | | Unknown | [link](https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| YellowFin | All | | 8.0.10.3, 9.7.0.2 | Fixed | [link](https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2) | v7 and v6 releases are not affected unless you have manually upgraded to Log4j2. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| YOKOGAWA | | | | Unknown | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
| Yenlo | Connext | | | Not Affected | [link](https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/) | Connext Platform (Managed WSO2 Cloud) and all underlying middleware components are not vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| YSoft SAFEQ | | | | Unknown | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| YOKOGAWA | CENTUM VP | | | Unknown | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | CENTUM VP (other components) | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is still under investigation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | CI Server | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | Exaopc | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | Exaplog | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | Exaquantum | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | FAST/TOOLS | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | PRM | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | ProSafe-RS | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | ProSafe-RS Lite | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | STARDOM | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YOKOGAWA | VTSPortal | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
|
||||||
|
| YSoft | SAFEQ 4 | | | Not Affected | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
|
||||||
|
| YSoft | SAFEQ 5 | | | Not Affected | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
|
||||||
|
| YSoft | SAFEQ 6 | | <=6.0.63 | Fixed | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
|
||||||
| Zabbix | | | | Unknown | [link](https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Zabbix | | | | Unknown | [link](https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| ZAMMAD | | | | Unknown | [link](https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| ZAMMAD | | | | Unknown | [link](https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| Zaproxy | | | | Unknown | [link](https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Zaproxy | | | | Unknown | [link](https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
|
478
data/cisagov.yml
478
data/cisagov.yml
|
@ -90155,6 +90155,40 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: Yahoo
|
||||||
|
product: Vespa
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
vendor_links:
|
||||||
|
- https://blog.vespa.ai/log4j-vulnerability/
|
||||||
|
notes: Your Vespa application may still be affected if log4j is included in your
|
||||||
|
application package.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: Yellowbrick
|
- vendor: Yellowbrick
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
@ -90185,7 +90219,7 @@ software:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: YellowFin
|
- vendor: YellowFin
|
||||||
product: ''
|
product: All
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -90193,9 +90227,10 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
investigated: false
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions:
|
||||||
|
- 8.0.10.3, 9.7.0.2
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -90209,12 +90244,44 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
|
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
|
||||||
notes: ''
|
notes: v7 and v6 releases are not affected unless you have manually upgraded to
|
||||||
|
Log4j2.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
|
- vendor: Yenlo
|
||||||
|
product: Connext
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- 2.x
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/
|
||||||
|
notes: Connext Platform (Managed WSO2 Cloud) and all underlying middleware components
|
||||||
|
are not vulnerable.
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
- vendor: YOKOGAWA
|
- vendor: YOKOGAWA
|
||||||
product: ''
|
product: CENTUM VP
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -90238,12 +90305,12 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
notes: ''
|
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier.
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
- vendor: YSoft SAFEQ
|
- vendor: YOKOGAWA
|
||||||
product: ''
|
product: CENTUM VP (other components)
|
||||||
cves:
|
cves:
|
||||||
cve-2021-4104:
|
cve-2021-4104:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -90251,10 +90318,342 @@ software:
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-44228:
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is
|
||||||
|
still under investigation.
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: CI Server
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: Exaopc
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: Exaplog
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: Exaquantum
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: FAST/TOOLS
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: PRM
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: ProSafe-RS
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: ProSafe-RS Lite
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: STARDOM
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YOKOGAWA
|
||||||
|
product: VTSPortal
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
- vendor: YSoft
|
||||||
|
product: SAFEQ 4
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
@ -90270,7 +90669,68 @@ software:
|
||||||
notes: ''
|
notes: ''
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-02-01T07:18:50+00:00'
|
||||||
|
- vendor: YSoft
|
||||||
|
product: SAFEQ 5
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-02-01T07:18:50+00:00'
|
||||||
|
- vendor: YSoft
|
||||||
|
product: SAFEQ 6
|
||||||
|
cves:
|
||||||
|
cve-2021-4104:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-44228:
|
||||||
|
investigated: true
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions:
|
||||||
|
- <=6.0.63
|
||||||
|
unaffected_versions:
|
||||||
|
- ''
|
||||||
|
cve-2021-45046:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
cve-2021-45105:
|
||||||
|
investigated: false
|
||||||
|
affected_versions: []
|
||||||
|
fixed_versions: []
|
||||||
|
unaffected_versions: []
|
||||||
|
vendor_links:
|
||||||
|
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
|
||||||
|
notes: ''
|
||||||
|
references:
|
||||||
|
- ''
|
||||||
|
last_updated: '2022-02-01T07:18:50+00:00'
|
||||||
- vendor: Zabbix
|
- vendor: Zabbix
|
||||||
product: ''
|
product: ''
|
||||||
cves:
|
cves:
|
||||||
|
|
|
@ -33,7 +33,8 @@ software:
|
||||||
- ''
|
- ''
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://blog.vespa.ai/log4j-vulnerability/
|
- https://blog.vespa.ai/log4j-vulnerability/
|
||||||
notes: Your Vespa application may still be affected if log4j is included in your application package.
|
notes: Your Vespa application may still be affected if log4j is included in your
|
||||||
|
application package.
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
|
@ -78,7 +79,7 @@ software:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions:
|
fixed_versions:
|
||||||
- '8.0.10.3, 9.7.0.2'
|
- 8.0.10.3, 9.7.0.2
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
|
@ -92,7 +93,8 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
|
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
|
||||||
notes: v7 and v6 releases are not affected unless you have manually upgraded to Log4j2.
|
notes: v7 and v6 releases are not affected unless you have manually upgraded to
|
||||||
|
Log4j2.
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
|
@ -109,7 +111,7 @@ software:
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions: []
|
fixed_versions: []
|
||||||
unaffected_versions:
|
unaffected_versions:
|
||||||
- '2.x'
|
- 2.x
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
investigated: false
|
investigated: false
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
|
@ -122,7 +124,8 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/
|
- https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/
|
||||||
notes: Connext Platform (Managed WSO2 Cloud) and all underlying middleware components are not vulnerable.
|
notes: Connext Platform (Managed WSO2 Cloud) and all underlying middleware components
|
||||||
|
are not vulnerable.
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-12T07:18:50+00:00'
|
last_updated: '2022-01-12T07:18:50+00:00'
|
||||||
|
@ -181,7 +184,8 @@ software:
|
||||||
unaffected_versions: []
|
unaffected_versions: []
|
||||||
vendor_links:
|
vendor_links:
|
||||||
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
||||||
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is still under investigation.
|
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is
|
||||||
|
still under investigation.
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2021-12-22T00:00:00'
|
last_updated: '2021-12-22T00:00:00'
|
||||||
|
@ -557,7 +561,7 @@ software:
|
||||||
investigated: true
|
investigated: true
|
||||||
affected_versions: []
|
affected_versions: []
|
||||||
fixed_versions:
|
fixed_versions:
|
||||||
- '<=6.0.63'
|
- <=6.0.63
|
||||||
unaffected_versions:
|
unaffected_versions:
|
||||||
- ''
|
- ''
|
||||||
cve-2021-45046:
|
cve-2021-45046:
|
||||||
|
|
Loading…
Reference in a new issue