r3pek/log4j-affected-db
1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 16:40:48 +00:00
Code Releases Activity

Merge pull request #452 from inl-ics/develop

Browse source 
Udated I, M, T, and V files
This commit is contained in:
justmurphy 2022-01-19 13:09:53 -05:00 committed by GitHub
commit 86ca7cdb73
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 95 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
data/cisagov_I.yml
View file

@ -6216,7 +6216,7 @@ software:
- '' - ''
last_updated: '2022-01-12T07:18:53+00:00' last_updated: '2022-01-12T07:18:53+00:00'
- vendor: Inductive Automation - vendor: Inductive Automation
product: '' product: Ignition
cves: cves:
cve-2021-4104: cve-2021-4104:
investigated: false investigated: false
@ -6224,10 +6224,11 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions:
- 'All'
cve-2021-45046: cve-2021-45046:
investigated: false investigated: false
affected_versions: [] affected_versions: []
@ -6240,10 +6241,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day - https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day
notes: '' notes: Older versions of Ignition (7.8 and older) did use the Log4j library, but they used an older version (1.2) that was not affected by this vulnerability.
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:53+00:00' last_updated: '2022-01-19T00:00:00'
- vendor: IndustrialDefender - vendor: IndustrialDefender
product: '' product: ''
cves: cves:

30
data/cisagov_M.yml
View file

@ -2527,6 +2527,36 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:54+00:00' last_updated: '2022-01-12T07:18:54+00:00'
- vendor: Moxa
product: ''
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability
notes: Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Mulesoft - vendor: Mulesoft
product: '' product: ''
cves: cves:

29
data/cisagov_T.yml
View file

@ -2927,6 +2927,35 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Tridium
product: ''
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.niagara-community.com/bundle/TechBulletin2021/resource/Dec_13_2021_NiagaraNotExposed_Apache_log4j.pdf
notes: Document access requires authentication. CISA is not able to validate vulnerability status.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Tripp Lite - vendor: Tripp Lite
product: LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX, product: LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX,
SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces) SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces)

30
data/cisagov_V.yml
View file

@ -1408,6 +1408,36 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:56+00:00' last_updated: '2022-01-12T07:18:56+00:00'
- vendor: Video Insight Inc.
product: Video Insight
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 'All'
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://i-pro.com/eu/en/surveillance/news/i-pro-products-and-log4j-2x-vulnerability
notes: Video Insight is a part of Panasonic I-Pro.
references:
- ''
last_updated: '2022-01-19T00:00:00'
- vendor: Viso Trust - vendor: Viso Trust
product: '' product: ''
cves: cves: