From ff27c298f75014bf5994ce472311232e749e69ae Mon Sep 17 00:00:00 2001 From: Ebennetteng <60264726+Ebennetteng@users.noreply.github.com> Date: Mon, 31 Jan 2022 17:04:42 +0000 Subject: [PATCH 1/4] updated vendor --- SOFTWARE-LIST.md | 1 + 1 file changed, 1 insertion(+) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 2151d17..651f889 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -2011,6 +2011,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | LOGalyze | SIEM & log analyzer tool | v4.x | | Affected | [link](https://sourceforge.net/software/product/LOGalyze/) | local-log4j-vuln-scanner result: indicator for vulnerable component found in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j 1.2.17 | [Forks (github.com)](https://github.com/search?q=logalyzer&s=updated&type=Repositories) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | LogiAnalytics | | | | Unknown | [link](https://devnet.logianalytics.com/hc/en-us/articles/4415781801751-Statement-on-Log4j-Vulnerability-CVE-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | LogicMonitor | LogicMonitor Platform | | | Unknown | [link](https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Logit.io | Logit.io Platform | | | Not Affected | [link](https://logit.io/blog/post/logit-io-log4shell-security-update) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | LogMeIn | | | | Unknown | [link](https://community.logmein.com/t5/LogMeIn-Central-Discussions/LOG4J-Vulnerability/m-p/280317/highlight/true#M8327) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | LogRhythm | | | | Unknown | [link](https://community.logrhythm.com/t5/Product-Security/LogRhythm-Response-to-the-Apache-Log4J-Vulnerability-Log4Shell/td-p/494068) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Looker | Looker | 21.0, 21.6, 21.12, 21.16, 21.18, 21.20 | | Affected | [link](https://docs.google.com/document/d/e/2PACX-1vQGN1AYNMHxsRQ9AZNu1bKyTGRUSK_9xkQBge-nu4p8PYvBKIYHhc3914KTfVtDFIXtDhc3k6SZnR2M/pub) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | From eaa56a552967be16e4f68b4f8939d2b7a0ab5105 Mon Sep 17 00:00:00 2001 From: Ebennetteng <60264726+Ebennetteng@users.noreply.github.com> Date: Mon, 7 Feb 2022 09:46:00 +0000 Subject: [PATCH 2/4] add --- data/cisagov_L.yml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/data/cisagov_L.yml b/data/cisagov_L.yml index a1ffc81..9ddfc7c 100644 --- a/data/cisagov_L.yml +++ b/data/cisagov_L.yml @@ -2825,6 +2825,35 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Logit.io + product: '' + cves: + cve-2021-4104: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://logit.io/blog/post/logit-io-log4shell-security-update + notes: '' + references: + - '' + last_updated: '2022-02-07T07:10:00+00:00' - vendor: LogRhythm product: '' cves: From 36f2f9352097644a93f12ea14a97347cb9ae5234 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Mon, 7 Feb 2022 12:33:08 -0500 Subject: [PATCH 3/4] remove entry to markdown --- SOFTWARE-LIST.md | 1 - 1 file changed, 1 deletion(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 2a2a8d0..ce6b25f 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -2235,7 +2235,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to | LOGalyze | SIEM & log analyzer tool | v4.x | | Affected | [link](https://sourceforge.net/software/product/LOGalyze/) | local-log4j-vuln-scanner result: indicator for vulnerable component found in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j 1.2.17 | [Forks (github.com)](https://github.com/search?q=logalyzer&s=updated&type=Repositories) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | LogiAnalytics | | | | Unknown | [link](https://devnet.logianalytics.com/hc/en-us/articles/4415781801751-Statement-on-Log4j-Vulnerability-CVE-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | LogicMonitor | LogicMonitor Platform | | | Unknown | [link](https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Logit.io | Logit.io Platform | | | Not Affected | [link](https://logit.io/blog/post/logit-io-log4shell-security-update) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | LogMeIn | | | | Unknown | [link](https://community.logmein.com/t5/LogMeIn-Central-Discussions/LOG4J-Vulnerability/m-p/280317/highlight/true#M8327) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | LogRhythm | | | | Unknown | [link](https://community.logrhythm.com/t5/Product-Security/LogRhythm-Response-to-the-Apache-Log4J-Vulnerability-Log4Shell/td-p/494068) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Looker | Looker | 21.0, 21.6, 21.12, 21.16, 21.18, 21.20 | | Affected | [link](https://docs.google.com/document/d/e/2PACX-1vQGN1AYNMHxsRQ9AZNu1bKyTGRUSK_9xkQBge-nu4p8PYvBKIYHhc3914KTfVtDFIXtDhc3k6SZnR2M/pub) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | From c097be1e5f300f76bee1dca2d54110f5f45efdd1 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Mon, 7 Feb 2022 12:34:02 -0500 Subject: [PATCH 4/4] Update Logit.io product name --- data/cisagov_L.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/data/cisagov_L.yml b/data/cisagov_L.yml index 9ddfc7c..ed1c621 100644 --- a/data/cisagov_L.yml +++ b/data/cisagov_L.yml @@ -2826,7 +2826,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Logit.io - product: '' + product: Logit.io Platform cves: cve-2021-4104: investigated: true @@ -2837,7 +2837,8 @@ software: investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: true affected_versions: []