r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Merge pull request #452 from inl-ics/develop

Browse Source 
Udated I, M, T, and V files
pull/453/head
justmurphy 2 years ago committed by GitHub
parent 9c94233f74 74f608517e
commit 86ca7cdb73
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 95 additions and 5 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 11
      data/cisagov_I.yml
  2. 30
      data/cisagov_M.yml
  3. 29
      data/cisagov_T.yml
  4. 30
      data/cisagov_V.yml

11
data/cisagov_I.yml
Unescape View File

@ -6216,7 +6216,7 @@ software:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Inductive Automation
product: ''
product: Ignition
cves:
cve-2021-4104:
investigated: false
@ -6224,10 +6224,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- 'All'
cve-2021-45046:
investigated: false
affected_versions: []
@ -6240,10 +6241,10 @@ software:
unaffected_versions: []
vendor_links:
- https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day
notes: ''
notes: Older versions of Ignition (7.8 and older) did use the Log4j library, but they used an older version (1.2) that was not affected by this vulnerability.
references:
- ''
last_updated: '2022-01-12T07:18:53+00:00'
last_updated: '2022-01-19T00:00:00'
- vendor: IndustrialDefender
product: ''
cves:

30
data/cisagov_M.yml
Unescape View File

@ -2527,6 +2527,36 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Moxa
product: ''
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
notes: Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Mulesoft
product: ''
cves:

29
data/cisagov_T.yml
Unescape View File

@ -2927,6 +2927,35 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Tridium
product: ''
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.niagara-community.com/bundle/TechBulletin2021/resource/Dec_13_2021_NiagaraNotExposed_Apache_log4j.pdf
notes: Document access requires authentication. CISA is not able to validate vulnerability status.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Tripp Lite
product: LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX,
SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces)

30
data/cisagov_V.yml
Unescape View File

@ -1408,6 +1408,36 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Video Insight Inc.
product: Video Insight
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://i-pro.com/eu/en/surveillance/news/i-pro-products-and-log4j-2x-vulnerability
notes: Video Insight is a part of Panasonic I-Pro.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Viso Trust
product: ''
cves:

Write Preview
Loading…
Cancel
Save