diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 6a90bbf..fdf75df 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -1512,7 +1512,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | HPE | OfficeConnect | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Primera Storage | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | RepoServer part of OPA (on Premises aggregator) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | -| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | +| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Not Affected | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | RESTful Interface Tool (iLOREST) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | SAT (System Admin Toolkit) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | | HPE | Scripting Tools for Windows PowerShell (HPEiLOCmdlets) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 | @@ -2217,6 +2217,99 @@ NOTE: This file is automatically generated. To submit updates, please refer to | OxygenXML | Web Author | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | OxygenXML | WebHelp | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | PagerDuty | PagerDuty SaaS | | | Unknown | [link](https://support.pagerduty.com/docs/pagerduty-log4j-zero-day-vulnerability) | We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Palantir | Palantir AI Inference Platform (AIP) | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | +| Palantir | Palantir Apollo | | | Not Affected | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact, and updates have been deployed for full remediation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | +| Palantir | Palantir Foundry | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | +| Palantir | Palantir Gotham | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 | +| Palo-Alto Networks | Bridgecrew | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | CloudGenix | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Cortex Data Lake | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Cortex XDR Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Cortex Xpanse | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Cortex XSOAR | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Expedition | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | GlobalProtect App | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | IoT Security | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Okyo Grade | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Palo-Alto Networks-OS for Firewall and Wildfire | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Palo-Alto Networks-OS for Panorama | 9.0, 9.1, 10.0 | | Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Palo-Alto Networks | Prisma Access | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Prisma Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | Prisma Cloud Compute | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | SaaS Security | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | User-ID Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | WildFire Appliance | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Palo-Alto Networks | WildFire Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Panopto | | | | Unknown | [link](https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PaperCut | PaperCut MF | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| PaperCut | PaperCut NG | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Parallels | | | | Unknown | [link](https://kb.parallels.com/en/128696) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Parse.ly | | | | Unknown | [link](https://blog.parse.ly/parse-ly-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PBXMonitor | RMM for 3CX PBX | | | Unknown | [link](https://www.pbxmonitor.net/changelog.php) | Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| Pega | | | | Unknown | [link](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pentaho | | | | Unknown | [link](https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pepperl+Fuchs | | | | Unknown | [link](https://www.pepperl-fuchs.com/global/en/29079.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Percona | | | | Unknown | [link](https://www.percona.com/blog/log4jshell-vulnerability-update/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pexip | | | | Unknown | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Phenix Id | | | | Unknown | [link](https://support.phenixid.se/uncategorized/log4j-fix/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Philips | Multiple products | | | Unknown | [link](https://www.philips.com/a-w/security/security-advisories.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PHOENIX CONTACT | Cloud Services | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | Partly affected. Remediations are being implemented. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| PHOENIX CONTACT | Physical products containing firmware | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| PHOENIX CONTACT | Software Products | | | Unknown | [link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | +| Ping Identity | PingAccess | 4.0 <= version <= 6.3.2 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingCentral | | | Unknown | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingFederate | 8.0 <= version <= 10.3.4 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingFederate Java Integration Kit | < 2.7.2 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingFederate OAuth Playground | < 4.3.1 | | Affected | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Ping Identity | PingIntelligence | | | Unknown | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pitney Bowes | | | | Unknown | [link](https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Planmeca | | | | Unknown | [link](https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Planon Software | | | | Unknown | [link](https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Platform.SH | | | | Unknown | [link](https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Plesk | | | | Unknown | [link](https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Plex | Plex Industrial IoT | | | Unknown | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Polycom | | | | Unknown | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Portainer | | | | Unknown | [link](https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PortSwigger | | | | Unknown | [link](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PostGreSQL | | | | Unknown | [link](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Postman | | | | Unknown | [link](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Power Admin LLC | PA File Sight | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| Power Admin LLC | PA Server Monitor | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| Power Admin LLC | PA Storage Monitor | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| Pretix | | | | Unknown | [link](https://pretix.eu/about/de/blog/20211213-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PrimeKey | | | | Unknown | [link](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Progress / IpSwitch | | | | Unknown | [link](https://www.progress.com/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ProofPoint | | | | Unknown | [link](https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ProSeS | | | | Unknown | [link](https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Prosys | | | | Unknown | [link](https://prosysopc.com/news/important-security-release/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Proxmox | | | | Unknown | [link](https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PRTG Paessler | | | | Unknown | [link](https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| PTC | Axeda Platform | 6.9.2 | | Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| PTC | ThingsWorx Analytics | 8.5, 9.0, 9.1, 9.2, All supported versions | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| PTC | ThingsWorx Platform | 8.5, 9.0, 9.1, 9.2, All supported versions | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | +| PTV Group | | | | Unknown | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Connect Secure (ICS) | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Neurons for secure Access | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Neurons for secure Access | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Neurons for ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Ivanti Neurons for ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Connect Secure | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Desktop Client | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Mobile Client | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse One | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Policy Secure | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Secure Services Director | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Secure Virtual Traffic Manager | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse Secure Web Application Firewall | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pulse Secure | Pulse ZTA | | | Unknown | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Puppet | | | | Unknown | [link](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pure Storage | | | | Unknown | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Pure Storage | Cloud Blockstore | CBS6.1.x, CBS6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/27/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pure Storage | Flash Array | 5.3.x, 6.0.x, 6.1.x, 6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/20/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pure Storage | FlashBlade | 3.1.x, 3.2.x, 3.3.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | Patch expected 12/24/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pure Storage | PortWorx | 2.8.0+ | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pure Storage | Pure1 | | N/A | Fixed | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Pyramid Analytics | | | | Unknown | [link](https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | QF-Test | | | | Unknown | [link](https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Qlik | | | | Unknown | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | QMATIC | Appointment Booking | 2.4+ | | Affected | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | Update to v. 2.8.2 which contains log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | @@ -2228,6 +2321,102 @@ NOTE: This file is automatically generated. To submit updates, please refer to | QSC Q-SYS | | | | Unknown | [link](https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | QT | | | | Unknown | [link](https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Quest Global | | | | Unknown | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| R | R | | | Not Affected | [link](https://www.r-project.org/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| R2ediviewer | | | | Unknown | [link](https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Radware | | | | Unknown | [link](https://support.radware.com/app/answers/answer_view/a_id/1029752) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Rapid7 | AlcidekArt, kAdvisor, and kAudit | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | AppSpider Enterprise | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | AppSpider Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Insight Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightCloudSec/DivvyCloud | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightConnect Orchestrator | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightIDR Network Sensor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightIDR/InsightOps Collector & Event Sources | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightOps DataHub | InsightOps DataHub <= 2.0 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightOps non-Java logging libraries | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightOps r7insight_java logging library | <=3.0.8 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightVM Kubernetes Monitor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightVM/Nexpose | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightVM/Nexpose Console | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | InsightVM/Nexpose Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | IntSights virtual appliance | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Logentries DataHub | Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these [instructions](https://docs.logentries.com/docs/datahub-windows). You can find more details [here](https://docs.logentries.com/docs/datahub-linux). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Logentries le_java logging library | All versions: this is a deprecated component | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Metasploit Framework | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Metasploit Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | tCell Java Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rapid7 | Velociraptor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Raritan | | | | Unknown | [link](https://www.raritan.com/support) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Ravelin | | | | Unknown | [link](https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Real-Time Innovations (RTI) | Distributed Logger | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | Recording Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Administration Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Code Generator | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Code Generator Server | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Professional 6.0.0 and 6.0.1 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Real-Time Innovations (RTI) | RTI Monitor | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| Red Hat | log4j-core | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Integration Camel K | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat build of Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat CodeReady Studio | | 12.21.0 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Data Grid | | 8 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Decision Manager | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat Integration Camel Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat JBoss A-MQ Streaming | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat JBoss Enterprise Application Platform | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 | +| Red Hat | Red Hat JBoss Fuse | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Process Automation | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Single Sign-On | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Red Hat Vert.X | | 4 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Satellite 5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat | Spacewalk | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch6 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-hive | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-presto | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenShift Logging | logging-elasticsearch6-container | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat OpenStack Platform 13 (Queens) | opendaylight | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | End of Life | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat Software Collections | rh-java-common-log4j | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat Software Collections | rh-maven35-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red Hat Software Collections | rh-maven36-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Red5Pro | | | | Unknown | [link](https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RedGate | | | | Unknown | [link](https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Redis | | | | Unknown | [link](https://redis.com/security/notice-apache-log4j2-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Reiner SCT | | | | Unknown | [link](https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ReportURI | | | | Unknown | [link](https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| ResMed | AirView | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| ResMed | myAir | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Respondus | | | | Unknown | [link](https://support.respondus.com/support/index.php?/News/NewsItem/View/339) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Revenera / Flexera | | | | Unknown | [link](https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Ricoh | | | | Unknown | [link](https://www.ricoh.com/info/2021/1215_1/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RingCentral | | | | Unknown | [link](https://www.ringcentral.com/trust-center/security-bulletin.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Riverbed | | | | Unknown | [link](https://supportkb.riverbed.com/support/index?page=content&id=S35645) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Rockwell Automation | FactoryTalk Analytics DataFlowML | 4.00.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | FactoryTalk Analytics DataView | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | Industrial Data Center | | Gen 1, Gen 2, Gen 3, Gen 3.5 | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | MES EIG | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | VersaVirtual | | Series A | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rockwell Automation | Warehouse Management | 4.01.00, 4.02.00, 4.02.01, 4.02.02 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | +| Rollbar | | | | Unknown | [link](https://rollbar.com/blog/log4j-zero-day-2021-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Rosette.com | | | | Unknown | [link](https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Authentication Manager | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Authentication Manager Prime | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Authentication Manager WebTier | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Governance and Lifecycle | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Governance and Lifecycle Cloud | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA | SecurID Identity Router | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| RSA Netwitness | | | | Unknown | [link](https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Rstudioapi | Rstudioapi | | | Not Affected | [link](https://github.com/rstudio/rstudioapi) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 | +| Rubrik | | | | Unknown | [link](https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Ruckus | Virtual SmartZone (vSZ) | 5.1 to 6.0 | | Affected | [link](https://support.ruckuswireless.com/security_bulletins/313) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 | +| RunDeck by PagerDuty | | | | Unknown | [link](https://docs.rundeck.com/docs/history/CVEs/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Runecast | Runecast Analyzer | | 6.0.3 | Fixed | [link](https://www.runecast.com/release-notes) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | SAE-IT | | | | Unknown | [link](https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | SAFE FME Server | | | | Unknown | [link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | diff --git a/data/cisagov.yml b/data/cisagov.yml index 972d02e..b0f11e7 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -9266,7 +9266,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Symantec Protection Engine (SPE) cves: @@ -9295,7 +9295,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Symantec Protection for SharePoint Servers (SPSS) cves: @@ -9324,7 +9324,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: VIP cves: @@ -9353,7 +9353,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: VIP Authentication Hub cves: @@ -9382,7 +9382,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Web Isolation (WI) cves: @@ -9411,7 +9411,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: Web Security Service (WSS) cves: @@ -9440,7 +9440,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Broadcom product: WebPulse cves: @@ -9469,7 +9469,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: C4b XPHONE product: '' cves: @@ -9498,7 +9498,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Campbell Scientific product: All cves: @@ -9556,7 +9556,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Canary Labs product: All cves: @@ -9874,7 +9874,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Carestream product: '' cves: @@ -9932,7 +9932,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CAS genesisWorld product: '' cves: @@ -9961,7 +9961,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cato Networks product: '' cves: @@ -9990,7 +9990,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cepheid product: C360 cves: @@ -10077,7 +10077,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Chaser Systems product: discrimiNAT Firewall cves: @@ -10107,7 +10107,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: CloudGuard cves: @@ -10137,7 +10137,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Harmony Endpoint & Harmony Mobile cves: @@ -10167,7 +10167,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Infinity Portal cves: @@ -10196,7 +10196,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Quantum Security Gateway cves: @@ -10226,7 +10226,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: Quantum Security Management cves: @@ -10257,7 +10257,7 @@ software: this attack by default. references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: SMB cves: @@ -10287,7 +10287,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Check Point product: ThreatCloud cves: @@ -10316,7 +10316,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CheckMK product: '' cves: @@ -10345,7 +10345,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ciphermail product: '' cves: @@ -10374,7 +10374,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CircleCI product: CircleCI cves: @@ -10432,7 +10432,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: AppDynamics cves: @@ -10461,7 +10461,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ACI Multi-Site Orchestrator cves: @@ -10490,7 +10490,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ACI Virtual Edge cves: @@ -10519,7 +10519,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Adaptive Security Appliance (ASA) Software cves: @@ -10548,7 +10548,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Advanced Web Security Reporting Application cves: @@ -10577,7 +10577,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco AMP Virtual Private Cloud Appliance cves: @@ -10606,7 +10606,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco AnyConnect Secure Mobility Client cves: @@ -10635,7 +10635,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Application Policy Infrastructure Controller (APIC) cves: @@ -10664,7 +10664,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco ASR 5000 Series Routers cves: @@ -10693,7 +10693,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Broadcloud Calling cves: @@ -10722,7 +10722,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco BroadWorks cves: @@ -10751,7 +10751,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Catalyst 9800 Series Wireless Controllers cves: @@ -10780,7 +10780,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CloudCenter Suite Admin cves: @@ -10809,7 +10809,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CloudCenter Workload Manager cves: @@ -10838,7 +10838,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Cognitive Intelligence cves: @@ -10867,7 +10867,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Common Services Platform Collector cves: @@ -10896,7 +10896,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Computer Telephony Integration Object Server (CTIOS) cves: @@ -10925,7 +10925,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connected Grid Device Manager cves: @@ -10954,7 +10954,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connected Mobile Experiences cves: @@ -10983,7 +10983,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Connectivity cves: @@ -11012,7 +11012,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Contact Center Domain Manager (CCDM) cves: @@ -11041,7 +11041,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Contact Center Management Portal (CCMP) cves: @@ -11070,7 +11070,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Crosswork Change Automation cves: @@ -11099,7 +11099,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco CX Cloud Agent Software cves: @@ -11128,7 +11128,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Data Center Network Manager (DCNM) cves: @@ -11157,7 +11157,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Defense Orchestrator cves: @@ -11186,7 +11186,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Assurance cves: @@ -11215,7 +11215,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Center cves: @@ -11244,7 +11244,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco DNA Spaces cves: @@ -11273,7 +11273,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Elastic Services Controller (ESC) cves: @@ -11302,7 +11302,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Emergency Responder cves: @@ -11331,7 +11331,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Enterprise Chat and Email cves: @@ -11360,7 +11360,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Enterprise NFV Infrastructure Software (NFVIS) cves: @@ -11389,7 +11389,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Evolved Programmable Network Manager cves: @@ -11418,7 +11418,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Extensible Network Controller (XNC) cves: @@ -11447,7 +11447,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Finesse cves: @@ -11476,7 +11476,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Firepower Management Center cves: @@ -11505,7 +11505,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Firepower Threat Defense (FTD) cves: @@ -11534,7 +11534,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco GGSN Gateway GPRS Support Node cves: @@ -11563,7 +11563,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco HyperFlex System cves: @@ -11592,7 +11592,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Identity Services Engine (ISE) cves: @@ -11621,7 +11621,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Integrated Management Controller (IMC) Supervisor cves: @@ -11650,7 +11650,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Intersight cves: @@ -11679,7 +11679,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Intersight Virtual Appliance cves: @@ -11708,7 +11708,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IOS and IOS XE Software cves: @@ -11737,7 +11737,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) @@ -11767,7 +11767,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IoT Operations Dashboard cves: @@ -11796,7 +11796,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IOx Fog Director cves: @@ -11825,7 +11825,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco IP Services Gateway (IPSG) cves: @@ -11854,7 +11854,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Kinetic for Cities cves: @@ -11883,7 +11883,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco MDS 9000 Series Multilayer Switches cves: @@ -11912,7 +11912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Meeting Server cves: @@ -11941,7 +11941,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco MME Mobility Management Entity cves: @@ -11970,7 +11970,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Modeling Labs cves: @@ -11999,7 +11999,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Assessment (CNA) Tool cves: @@ -12028,7 +12028,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Assurance Engine cves: @@ -12057,7 +12057,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Convergence System 2000 Series cves: @@ -12086,7 +12086,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Planner cves: @@ -12115,7 +12115,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Network Services Orchestrator (NSO) cves: @@ -12144,7 +12144,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 5500 Platform Switches cves: @@ -12173,7 +12173,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 5600 Platform Switches cves: @@ -12202,7 +12202,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 6000 Series Switches cves: @@ -12231,7 +12231,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 7000 Series Switches cves: @@ -12260,7 +12260,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode @@ -12290,7 +12290,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Dashboard (formerly Cisco Application Services Engine) cves: @@ -12319,7 +12319,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Data Broker cves: @@ -12348,7 +12348,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Nexus Insights cves: @@ -12377,7 +12377,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Optical Network Planner cves: @@ -12406,7 +12406,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Packaged Contact Center Enterprise cves: @@ -12435,7 +12435,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Paging Server cves: @@ -12464,7 +12464,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Paging Server (InformaCast) cves: @@ -12493,7 +12493,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco PDSN/HA Packet Data Serving Node and Home Agent cves: @@ -12522,7 +12522,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco PGW Packet Data Network Gateway cves: @@ -12551,7 +12551,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Policy Suite cves: @@ -12580,7 +12580,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Central for Service Providers cves: @@ -12609,7 +12609,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Collaboration Manager cves: @@ -12638,7 +12638,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Collaboration Provisioning cves: @@ -12667,7 +12667,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Infrastructure cves: @@ -12696,7 +12696,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime License Manager cves: @@ -12725,7 +12725,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Network cves: @@ -12754,7 +12754,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Optical for Service Providers cves: @@ -12783,7 +12783,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Provisioning cves: @@ -12812,7 +12812,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Prime Service Catalog cves: @@ -12841,7 +12841,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Registered Envelope Service cves: @@ -12870,7 +12870,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 1000 Series Routers cves: @@ -12899,7 +12899,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 2000 Series Routers cves: @@ -12928,7 +12928,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 5000 Series Routers cves: @@ -12957,7 +12957,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge Cloud Router Platform cves: @@ -12986,7 +12986,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SD-WAN vManage cves: @@ -13015,7 +13015,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Secure Network Analytics (SNA), formerly Stealthwatch cves: @@ -13044,7 +13044,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco SocialMiner cves: @@ -13073,7 +13073,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco System Architecture Evolution Gateway (SAEGW) cves: @@ -13102,7 +13102,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco TelePresence Management Suite cves: @@ -13131,7 +13131,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco UCS Director cves: @@ -13160,7 +13160,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco UCS Performance Manager cves: @@ -13189,7 +13189,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Umbrella cves: @@ -13218,7 +13218,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Advanced cves: @@ -13247,7 +13247,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Business Edition cves: @@ -13276,7 +13276,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Department Edition cves: @@ -13305,7 +13305,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Enterprise Edition cves: @@ -13334,7 +13334,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Premium Edition cves: @@ -13363,7 +13363,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Communications Manager Cloud cves: @@ -13392,7 +13392,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise cves: @@ -13421,7 +13421,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise - Live Data server cves: @@ -13450,7 +13450,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Contact Center Express cves: @@ -13479,7 +13479,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified Intelligent Contact Management Enterprise cves: @@ -13508,7 +13508,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Unified SIP Proxy Software cves: @@ -13537,7 +13537,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Video Surveillance Operations Manager cves: @@ -13566,7 +13566,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM cves: @@ -13595,7 +13595,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Virtualized Voice Browser cves: @@ -13624,7 +13624,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Vision Dynamic Signage Director cves: @@ -13653,7 +13653,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco WAN Automation Engine (WAE) cves: @@ -13682,7 +13682,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Web Security Appliance (WSA) cves: @@ -13711,7 +13711,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Cloud-Connected UC (CCUC) cves: @@ -13740,7 +13740,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Meetings Server cves: @@ -13769,7 +13769,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Webex Teams cves: @@ -13798,7 +13798,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Cisco Wide Area Application Services (WAAS) cves: @@ -13827,7 +13827,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Duo cves: @@ -13856,7 +13856,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: DUO network gateway (on-prem/self-hosted) cves: @@ -13884,7 +13884,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: duo network gateway (on-prem/self-hosted) cves: @@ -13912,7 +13912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Exony Virtualized Interaction Manager (VIM) cves: @@ -13941,7 +13941,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cisco product: Managed Services Accelerator (MSX) Network Access Control Service cves: @@ -13970,7 +13970,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Citrix product: Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) cves: @@ -14407,7 +14407,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: AM2CM Tool cves: @@ -14436,7 +14436,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Ambari cves: @@ -14467,7 +14467,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Arcadia Enterprise cves: @@ -14497,7 +14497,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDH, HDP, and HDF cves: @@ -14527,7 +14527,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDP Operational Database (COD) cves: @@ -14556,7 +14556,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDP Private Cloud Base cves: @@ -14586,7 +14586,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDS 3 Powered by Apache Spark cves: @@ -14616,7 +14616,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: CDS 3.2 for GPUs cves: @@ -14646,7 +14646,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Cybersecurity Platform cves: @@ -14676,7 +14676,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -14705,7 +14705,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: @@ -14735,7 +14735,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Flow (CFM) cves: @@ -14764,7 +14764,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Science Workbench (CDSW) cves: @@ -14795,7 +14795,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Visualization (CDV) cves: @@ -14824,7 +14824,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -14853,7 +14853,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: @@ -14883,7 +14883,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera DataFlow (CDF) cves: @@ -14912,7 +14912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Edge Management (CEM) cves: @@ -14942,7 +14942,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Enterprise cves: @@ -14972,7 +14972,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Flow Management (CFM) cves: @@ -15002,7 +15002,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -15031,7 +15031,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: @@ -15061,7 +15061,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -15092,7 +15092,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) @@ -15125,7 +15125,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR)) cves: @@ -15154,7 +15154,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) cves: @@ -15186,7 +15186,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Stream Processing (CSP) cves: @@ -15216,7 +15216,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -15245,7 +15245,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: @@ -15274,7 +15274,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Analytics Studio (DAS) cves: @@ -15303,7 +15303,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Catalog cves: @@ -15332,7 +15332,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Lifecycle Manager (DLM) cves: @@ -15361,7 +15361,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Data Steward Studio (DSS) cves: @@ -15391,7 +15391,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks Data Flow (HDF) cves: @@ -15420,7 +15420,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks Data Platform (HDP) cves: @@ -15452,7 +15452,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Hortonworks DataPlane Platform cves: @@ -15481,7 +15481,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Management Console cves: @@ -15511,7 +15511,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Management Console for CDP Public Cloud cves: @@ -15540,7 +15540,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Replication Manager cves: @@ -15569,7 +15569,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: SmartSense cves: @@ -15598,7 +15598,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload Manager cves: @@ -15627,7 +15627,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload XM cves: @@ -15657,7 +15657,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudera product: Workload XM (SaaS) cves: @@ -15686,7 +15686,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CloudFlare product: '' cves: @@ -15715,7 +15715,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudian HyperStore product: '' cves: @@ -15744,7 +15744,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudogu product: Ecosystem cves: @@ -15774,7 +15774,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudogu product: SCM-Manager cves: @@ -15803,7 +15803,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cloudron product: '' cves: @@ -15832,7 +15832,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Clover product: '' cves: @@ -15861,7 +15861,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Code42 product: Code42 App cves: @@ -15952,7 +15952,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Codesys product: '' cves: @@ -15981,7 +15981,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cohesity product: '' cves: @@ -16010,7 +16010,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CommVault product: '' cves: @@ -16039,7 +16039,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Concourse product: Concourse cves: @@ -16068,7 +16068,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ConcreteCMS.com product: '' cves: @@ -16097,7 +16097,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Confluent product: Confluent Cloud cves: @@ -16426,7 +16426,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ConnectWise product: '' cves: @@ -16455,7 +16455,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ContrastSecurity product: '' cves: @@ -16484,7 +16484,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ControlUp product: '' cves: @@ -16513,7 +16513,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: COPADATA product: All cves: @@ -16571,7 +16571,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CPanel product: '' cves: @@ -16600,7 +16600,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Cradlepoint product: '' cves: @@ -16629,7 +16629,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Crestron product: '' cves: @@ -16687,7 +16687,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CryptShare product: '' cves: @@ -16716,7 +16716,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CyberArk product: Privileged Threat Analytics (PTA) cves: @@ -16776,7 +16776,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: CyberRes product: '' cves: @@ -16805,7 +16805,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Daktronics product: All Sport Pro cves: @@ -17417,7 +17417,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dassault Systèmes product: '' cves: @@ -17446,7 +17446,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Databricks product: '' cves: @@ -17475,7 +17475,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datadog product: Datadog Agent cves: @@ -17508,7 +17508,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dataminer product: '' cves: @@ -17537,7 +17537,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datev product: '' cves: @@ -17566,7 +17566,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Datto product: '' cves: @@ -17595,7 +17595,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: dCache.org product: '' cves: @@ -17624,7 +17624,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Debian product: '' cves: @@ -17653,7 +17653,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Deepinstinct product: '' cves: @@ -17682,7 +17682,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:51+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dell product: '"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"' cves: @@ -25107,7 +25107,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Device42 product: '' cves: @@ -25136,7 +25136,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Devolutions product: All products cves: @@ -25165,7 +25165,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Diebold Nixdorf product: '' cves: @@ -25194,7 +25194,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digi International product: AnywhereUSB Manager cves: @@ -26354,7 +26354,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digital AI product: '' cves: @@ -26383,7 +26383,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Digital Alert Systems product: All cves: @@ -26441,7 +26441,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Docker product: '' cves: @@ -26470,7 +26470,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Docusign product: '' cves: @@ -26499,7 +26499,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: DrayTek product: Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform @@ -26558,7 +26558,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Dynatrace product: ActiveGate cves: @@ -26819,7 +26819,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Eaton product: Undisclosed cves: @@ -26851,7 +26851,7 @@ software: wall. references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: EclecticIQ product: '' cves: @@ -26880,7 +26880,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Eclipse Foundation product: '' cves: @@ -26909,7 +26909,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Edwards product: '' cves: @@ -26967,7 +26967,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: EGroupware product: '' cves: @@ -26996,7 +26996,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Elastic product: APM Java Agent cves: @@ -27580,7 +27580,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ellucian product: Admin cves: @@ -31036,7 +31036,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ESET product: '' cves: @@ -31065,7 +31065,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ESRI product: ArcGIS Data Store cves: @@ -31280,7 +31280,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Evolveum Midpoint product: '' cves: @@ -31309,7 +31309,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ewon product: '' cves: @@ -31338,7 +31338,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exabeam product: '' cves: @@ -31368,7 +31368,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exact product: '' cves: @@ -31397,7 +31397,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Exivity product: '' cves: @@ -31426,7 +31426,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ExtraHop product: Reveal(x) cves: @@ -31487,7 +31487,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Extreme Networks product: '' cves: @@ -31516,7 +31516,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Extron product: '' cves: @@ -31545,7 +31545,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Elements Connector cves: @@ -31574,7 +31574,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Endpoint Proxy cves: @@ -31604,7 +31604,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Messaging Security Gateway cves: @@ -31633,7 +31633,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Policy Manager cves: @@ -31663,7 +31663,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F-Secure product: Policy Manager Proxy cves: @@ -31693,7 +31693,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: BIG-IP (all modules) cves: @@ -31723,7 +31723,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: BIG-IQ Centralized Management cves: @@ -31753,7 +31753,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: F5OS cves: @@ -31783,7 +31783,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX App Protect cves: @@ -31813,7 +31813,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Controller cves: @@ -31843,7 +31843,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Ingress Controller cves: @@ -31873,7 +31873,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Instance Manager cves: @@ -31903,7 +31903,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Open Source cves: @@ -31933,7 +31933,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Plus cves: @@ -31963,7 +31963,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Service Mesh cves: @@ -31993,7 +31993,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: NGINX Unit cves: @@ -32023,7 +32023,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: F5 product: Traffix SDC cves: @@ -32055,7 +32055,7 @@ software: Kibana), Element Management System' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FAST LTA product: '' cves: @@ -32084,7 +32084,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fastly product: '' cves: @@ -32113,7 +32113,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FedEx product: Ship Manager Software cves: @@ -32210,7 +32210,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileCatalyst product: '' cves: @@ -32239,7 +32239,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileCloud product: '' cves: @@ -32268,7 +32268,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FileWave product: '' cves: @@ -32297,7 +32297,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FINVI product: '' cves: @@ -32326,7 +32326,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FireDaemon product: '' cves: @@ -32355,7 +32355,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fisher & Paykel Healthcare product: '' cves: @@ -32413,7 +32413,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Flexera product: '' cves: @@ -32442,7 +32442,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: DLP Manager cves: @@ -32471,7 +32471,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Forcepoint Cloud Security Gateway (CSG) cves: @@ -32500,7 +32500,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Next Generation Firewall (NGFW) cves: @@ -32529,7 +32529,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder @@ -32559,7 +32559,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: One Endpoint cves: @@ -32588,7 +32588,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forcepoint product: Security Manager (Web, Email and DLP) cves: @@ -32617,7 +32617,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Forescout product: '' cves: @@ -32646,7 +32646,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ForgeRock product: Autonomous Identity cves: @@ -32675,7 +32675,7 @@ software: notes: all other ForgeRock products Not vulnerable references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAIOps cves: @@ -32704,7 +32704,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAnalyzer cves: @@ -32733,7 +32733,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAnalyzer Cloud cves: @@ -32762,7 +32762,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAP cves: @@ -32791,7 +32791,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiAuthenticator cves: @@ -32820,7 +32820,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiCASB cves: @@ -32849,7 +32849,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiConvertor cves: @@ -32878,7 +32878,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiDeceptor cves: @@ -32907,7 +32907,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiEDR Agent cves: @@ -32936,7 +32936,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiEDR Cloud cves: @@ -32965,7 +32965,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiGate Cloud cves: @@ -32994,7 +32994,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiGSLB Cloud cves: @@ -33023,7 +33023,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiMail cves: @@ -33052,7 +33052,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiManager cves: @@ -33081,7 +33081,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiManager Cloud cves: @@ -33110,7 +33110,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -33139,7 +33139,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiNAC cves: @@ -33168,7 +33168,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiOS (includes FortiGate & FortiWiFi) cves: @@ -33197,7 +33197,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPhish Cloud cves: @@ -33226,7 +33226,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPolicy cves: @@ -33255,7 +33255,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiPortal cves: @@ -33284,7 +33284,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiRecorder cves: @@ -33313,7 +33313,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSIEM cves: @@ -33342,7 +33342,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSOAR cves: @@ -33371,7 +33371,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSwicth Cloud in FortiLANCloud cves: @@ -33400,7 +33400,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiSwitch & FortiSwitchManager cves: @@ -33429,7 +33429,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiToken Cloud cves: @@ -33458,7 +33458,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiVoice cves: @@ -33487,7 +33487,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: FortiWeb Cloud cves: @@ -33516,7 +33516,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fortinet product: ShieldX cves: @@ -33545,7 +33545,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FTAPI product: '' cves: @@ -33574,7 +33574,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Fujitsu product: '' cves: @@ -33603,7 +33603,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: FusionAuth product: FusionAuth cves: @@ -33633,7 +33633,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GE Digital product: '' cves: @@ -33900,7 +33900,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Genesys product: '' cves: @@ -33929,7 +33929,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GeoServer product: '' cves: @@ -33958,7 +33958,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gerrit code review product: '' cves: @@ -33987,7 +33987,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GFI product: '' cves: @@ -34016,7 +34016,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ghidra product: '' cves: @@ -34045,7 +34045,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gigamon product: Fabric Manager cves: @@ -34135,7 +34135,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Globus product: '' cves: @@ -34164,7 +34164,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:52+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GoAnywhere product: Gateway cves: @@ -38287,7 +38287,7 @@ software: notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise cves: @@ -38317,7 +38317,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise Build Cache Node cves: @@ -38347,7 +38347,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gradle product: Gradle Enterprise Test Distribution Agent cves: @@ -38377,7 +38377,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Grafana product: '' cves: @@ -38406,7 +38406,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Grandstream product: '' cves: @@ -38435,7 +38435,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Access Management cves: @@ -38465,7 +38465,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Access Management cves: @@ -38495,7 +38495,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -38525,7 +38525,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Alert Engine cves: @@ -38555,7 +38555,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: API Management cves: @@ -38585,7 +38585,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: API Management cves: @@ -38615,7 +38615,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee product: Cockpit cves: @@ -38645,7 +38645,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravitee.io product: '' cves: @@ -38674,7 +38674,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gravwell product: '' cves: @@ -38703,7 +38703,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Graylog product: Graylog Server cves: @@ -38733,7 +38733,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GreenShot product: '' cves: @@ -38762,7 +38762,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: GSA product: Cloud.gov cves: @@ -38820,7 +38820,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HAProxy product: '' cves: @@ -38849,7 +38849,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HarmanPro AMX product: '' cves: @@ -38878,7 +38878,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Boundary cves: @@ -38907,7 +38907,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Consul cves: @@ -38936,7 +38936,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Consul Enterprise cves: @@ -38965,7 +38965,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Nomad cves: @@ -38994,7 +38994,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Nomad Enterprise cves: @@ -39023,7 +39023,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Packer cves: @@ -39052,7 +39052,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Terraform cves: @@ -39081,7 +39081,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Terraform Enterprise cves: @@ -39110,7 +39110,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vagrant cves: @@ -39139,7 +39139,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vault cves: @@ -39168,7 +39168,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Vault Enterprise cves: @@ -39197,7 +39197,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HashiCorp product: Waypoint cves: @@ -39226,7 +39226,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HCL Software product: BigFix Compliance cves: @@ -39465,7 +39465,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HENIX product: Squash TM cves: @@ -39526,7 +39526,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hikvision product: '' cves: @@ -39555,7 +39555,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hitachi Energy product: 3rd party - Elastic Search, Kibana cves: @@ -39742,7 +39742,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hitachi Energy product: FOXMAN-UN cves: @@ -40149,7 +40149,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HMS Industrial Networks AB product: Cosy, Flexy and Ewon CD cves: @@ -40823,7 +40823,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: HP product: Teradici Cloud Access Controller cves: @@ -44204,7 +44204,7 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: [] @@ -44775,7 +44775,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Hubspot product: '' cves: @@ -44804,7 +44804,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: I-Net software product: '' cves: @@ -44833,7 +44833,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: I2P product: '' cves: @@ -44862,7 +44862,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBA-AG product: '' cves: @@ -44891,7 +44891,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ibexa product: '' cves: @@ -44920,7 +44920,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Analytics Engine cves: @@ -45238,7 +45238,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: BigFix Inventory cves: @@ -45269,7 +45269,7 @@ software: of log4j is included. Version is included in the name of the library. references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Block Storage cves: @@ -47999,7 +47999,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Mass Data Migration cves: @@ -48609,7 +48609,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Robotic Process Automation cves: @@ -48811,7 +48811,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IBM product: Spectrum Archive Library Edition cves: @@ -50464,7 +50464,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IGEL product: '' cves: @@ -50493,7 +50493,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ignite Realtime product: '' cves: @@ -50522,7 +50522,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: iGrafx product: '' cves: @@ -50551,7 +50551,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Illuminated Cloud product: '' cves: @@ -50580,7 +50580,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Illumio product: C-VEN cves: @@ -50986,7 +50986,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Imperva product: '' cves: @@ -51015,7 +51015,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Inductive Automation product: Ignition cves: @@ -51075,7 +51075,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: infinidat product: '' cves: @@ -51104,7 +51104,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: InfluxData product: '' cves: @@ -51133,7 +51133,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Infoblox product: '' cves: @@ -51162,7 +51162,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Informatica product: '' cves: @@ -51191,7 +51191,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Instana product: '' cves: @@ -51220,7 +51220,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Instructure product: '' cves: @@ -51249,7 +51249,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:53+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Intel product: Audio Development Kit cves: @@ -51629,7 +51629,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Intland product: codebeamer cves: @@ -51661,7 +51661,7 @@ software: and [21.09](https://codebeamer.com/cb/wiki/19418497), but not yet for [21.04](https://codebeamer.com/cb/wiki/16937839) references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: IPRO product: Netgovern cves: @@ -51689,7 +51689,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: iRedMail product: '' cves: @@ -51718,7 +51718,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ironnet product: '' cves: @@ -51747,7 +51747,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ISLONLINE product: '' cves: @@ -51776,7 +51776,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ivanti product: Application Control for Linux cves: @@ -53977,7 +53977,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jamf product: Jamf Pro cves: @@ -54007,7 +54007,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Janitza product: GridVis cves: @@ -54066,7 +54066,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jedox product: '' cves: @@ -54095,7 +54095,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jenkins product: CI/CD Core cves: @@ -54123,7 +54123,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jenkins product: Plugins cves: @@ -54183,7 +54183,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jetbrains product: Code With Me cves: @@ -54213,7 +54213,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Datalore cves: @@ -54243,7 +54243,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Floating license server cves: @@ -54273,7 +54273,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Gateway cves: @@ -54303,7 +54303,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Hub cves: @@ -54333,7 +54333,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, @@ -54365,7 +54365,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Kotlin cves: @@ -54395,7 +54395,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Ktor cves: @@ -54425,7 +54425,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: MPS cves: @@ -54455,7 +54455,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: Space cves: @@ -54485,7 +54485,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: TeamCity cves: @@ -54515,7 +54515,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: ToolBox cves: @@ -54545,7 +54545,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: UpSource cves: @@ -54575,7 +54575,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: YouTrack InCloud cves: @@ -54605,7 +54605,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JetBrains product: YouTrack Standalone cves: @@ -54635,7 +54635,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: JFROG product: '' cves: @@ -54664,7 +54664,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jitsi product: '' cves: @@ -54693,7 +54693,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jitterbit product: '' cves: @@ -54722,7 +54722,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Johnson Controls product: BCPro cves: @@ -55591,7 +55591,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: jPOS product: (ISO-8583) bridge cves: @@ -55621,7 +55621,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Jump Desktop product: '' cves: @@ -55650,7 +55650,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Juniper Networks product: '' cves: @@ -55679,7 +55679,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Justice Systems product: '' cves: @@ -55708,7 +55708,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: K15t product: '' cves: @@ -55737,7 +55737,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: K6 product: '' cves: @@ -55766,7 +55766,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Karakun product: '' cves: @@ -55795,7 +55795,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kaseya product: '' cves: @@ -55824,7 +55824,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Keeper Security product: '' cves: @@ -55853,7 +55853,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: KEMP product: '' cves: @@ -55882,7 +55882,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: KEMP 2 product: '' cves: @@ -55911,7 +55911,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kofax product: '' cves: @@ -55940,7 +55940,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Konica Minolta product: '' cves: @@ -55969,7 +55969,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kronos UKG product: '' cves: @@ -55998,7 +55998,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Kyberna product: '' cves: @@ -56027,7 +56027,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: L-Soft product: '' cves: @@ -56056,7 +56056,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: L3Harris Geospatial product: '' cves: @@ -56085,7 +56085,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lancom Systems product: '' cves: @@ -56114,7 +56114,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lansweeper product: '' cves: @@ -56143,7 +56143,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Laserfiche product: '' cves: @@ -56172,7 +56172,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LastPass product: '' cves: @@ -56201,7 +56201,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LaunchDarkly product: '' cves: @@ -56230,7 +56230,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Leanix product: '' cves: @@ -56259,7 +56259,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Leica BIOSYSTEMS product: Aperio AT2 cves: @@ -58439,7 +58439,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Let's Encrypt product: '' cves: @@ -58468,7 +58468,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LibreNMS product: '' cves: @@ -58497,7 +58497,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LifeRay product: '' cves: @@ -58526,7 +58526,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LifeSize product: '' cves: @@ -58555,7 +58555,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lightbend product: '' cves: @@ -58584,7 +58584,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lime CRM product: '' cves: @@ -58613,7 +58613,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LIONGARD product: '' cves: @@ -58642,7 +58642,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LiquidFiles product: '' cves: @@ -58671,7 +58671,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LiveAction product: '' cves: @@ -58700,7 +58700,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Loftware product: '' cves: @@ -58729,7 +58729,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LOGalyze product: SIEM & log analyzer tool cves: @@ -58790,7 +58790,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogicMonitor product: LogicMonitor Platform cves: @@ -58819,7 +58819,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogMeIn product: '' cves: @@ -58848,7 +58848,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LogRhythm product: '' cves: @@ -58877,7 +58877,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Looker product: Looker cves: @@ -58912,7 +58912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: LucaNet product: '' cves: @@ -58941,7 +58941,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lucee product: '' cves: @@ -58970,7 +58970,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Lyrasis product: Fedora Repository cves: @@ -59033,7 +59033,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Maltego product: '' cves: @@ -59062,7 +59062,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ManageEngine product: AD SelfService Plus cves: @@ -59150,7 +59150,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ManageEngine Zoho product: ADAudit Plus cves: @@ -59527,7 +59527,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MathWorks product: All MathWorks general release desktop or server products cves: @@ -59645,7 +59645,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mattermost FocalBoard product: '' cves: @@ -59674,7 +59674,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: McAfee product: Data Exchange Layer (DXL) Client cves: @@ -60550,7 +60550,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MEINBERG product: LANTIME and microSync cves: @@ -60608,7 +60608,7 @@ software: notes: Project is written in Python references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Memurai product: '' cves: @@ -60705,7 +60705,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Application Gateway cves: @@ -60734,7 +60734,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -60764,7 +60764,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Data lake store java cves: @@ -60794,7 +60794,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure DevOps cves: @@ -60823,7 +60823,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure DevOps Server cves: @@ -60853,7 +60853,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Azure Traffic Manager cves: @@ -60882,7 +60882,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microsoft product: Team Foundation Server cves: @@ -60912,7 +60912,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Microstrategy product: '' cves: @@ -60999,7 +60999,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Milestone sys product: '' cves: @@ -61028,7 +61028,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mimecast product: '' cves: @@ -61057,7 +61057,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Minecraft product: '' cves: @@ -61086,7 +61086,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mirantis product: '' cves: @@ -61115,7 +61115,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Miro product: '' cves: @@ -61144,7 +61144,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mitel product: '' cves: @@ -61173,7 +61173,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MMM Group product: Control software of all MMM series cves: @@ -61261,7 +61261,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Atlas Search cves: @@ -61290,7 +61290,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) @@ -61320,7 +61320,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Drivers cves: @@ -61349,7 +61349,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) @@ -61379,7 +61379,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) cves: @@ -61408,7 +61408,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MongoDB product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) @@ -61438,7 +61438,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Moodle product: '' cves: @@ -61467,7 +61467,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: MoogSoft product: '' cves: @@ -61496,7 +61496,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Motorola Avigilon product: '' cves: @@ -61587,7 +61587,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Mulesoft product: Anypoint Studio cves: @@ -61740,7 +61740,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nagios product: '' cves: @@ -61769,7 +61769,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NAKIVO product: '' cves: @@ -61798,7 +61798,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: National Instruments product: OptimalPlus cves: @@ -61890,7 +61890,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Netcup product: '' cves: @@ -61919,7 +61919,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NetGate PFSense product: '' cves: @@ -61948,7 +61948,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Netwrix product: '' cves: @@ -61977,7 +61977,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: New Relic product: Containerized Private Minion (CPM) cves: @@ -62068,7 +62068,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nextflow product: Nextflow cves: @@ -62156,7 +62156,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NinjaRMM product: '' cves: @@ -62186,7 +62186,7 @@ software: by CISA references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nomachine product: '' cves: @@ -62215,7 +62215,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NoviFlow product: '' cves: @@ -62244,7 +62244,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Backlog cves: @@ -62274,7 +62274,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Backlog Enterprise (On-premises) cves: @@ -62304,7 +62304,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Cacoo cves: @@ -62334,7 +62334,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Cacoo Enterprise (On-premises) cves: @@ -62364,7 +62364,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nulab product: Typetalk cves: @@ -62394,7 +62394,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Nutanix product: AHV cves: @@ -63466,7 +63466,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: NXLog product: '' cves: @@ -63495,7 +63495,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Objectif Lune product: '' cves: @@ -63524,7 +63524,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OCLC product: '' cves: @@ -63553,7 +63553,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Octopus product: '' cves: @@ -63582,7 +63582,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Okta product: Advanced Server Access cves: @@ -63932,7 +63932,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Opengear product: '' cves: @@ -63961,7 +63961,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenMRS TALK product: '' cves: @@ -63990,7 +63990,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenNMS product: '' cves: @@ -64019,7 +64019,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenSearch product: '' cves: @@ -64048,7 +64048,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OpenText product: '' cves: @@ -64325,7 +64325,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PAM cves: @@ -64354,7 +64354,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PEM cves: @@ -64383,7 +64383,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Osirium product: PPA cves: @@ -64412,7 +64412,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OTRS product: '' cves: @@ -64441,7 +64441,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OVHCloud product: '' cves: @@ -64470,7 +64470,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OwnCloud product: '' cves: @@ -64499,7 +64499,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:54+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: OxygenXML product: Author cves: @@ -64877,8 +64877,8 @@ software: references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: QF-Test - product: '' + - vendor: Palantir + product: Palantir AI Inference Platform (AIP) cves: cve-2021-4104: investigated: false @@ -64886,9 +64886,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - All unaffected_versions: [] cve-2021-45046: investigated: false @@ -64901,13 +64902,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html - notes: '' + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: Fully remediated as of 1.97.0. Disconnected customer instances may require + manual updates. references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Qlik - product: '' + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Apollo cves: cve-2021-4104: investigated: false @@ -64915,10 +64917,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: false affected_versions: [] @@ -64930,13 +64933,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368 - notes: '' + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact, and updates have been deployed for full remediation. references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: QMATIC - product: Appointment Booking + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Foundry cves: cve-2021-4104: investigated: false @@ -64945,9 +64948,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - 2.4+ - fixed_versions: [] + affected_versions: [] + fixed_versions: + - All unaffected_versions: [] cve-2021-45046: investigated: false @@ -64960,13 +64963,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability - notes: Update to v. 2.8.2 which contains log4j 2.16 + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact to Palantir-hosted or Apollo-connected instances, and updates + have been deployed for full remediation. Disconnected customer instances may + require manual updates. references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: QMATIC - product: Appointment Booking + last_updated: '2021-12-19T00:00:00' + - vendor: Palantir + product: Palantir Gotham cves: cve-2021-4104: investigated: false @@ -64975,9 +64980,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - Cloud/Managed Service - fixed_versions: [] + affected_versions: [] + fixed_versions: + - All unaffected_versions: [] cve-2021-45046: investigated: false @@ -64990,13 +64995,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability - notes: log4j 2.16 applied 2021-12-15 + - https://www.palantir.com/security-advisories/log4j-vulnerability/ + notes: No impact to Palantir-hosted or Apollo-connected instances, and updates + have been deployed for full remediation. Disconnected customer instances may + require manual updates. references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: QMATIC - product: Insights + last_updated: '2021-12-19T00:00:00' + - vendor: Palo-Alto Networks + product: Bridgecrew cves: cve-2021-4104: investigated: false @@ -65004,9 +65011,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Cloud + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -65020,13 +65026,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability - notes: log4j 2.16 applied 2021-12-16 + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: QMATIC - product: Orchestra Central + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: CloudGenix cves: cve-2021-4104: investigated: false @@ -65034,11 +65040,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - 6.0+ + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -65050,13 +65055,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: QNAP - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex Data Lake cves: cve-2021-4104: investigated: false @@ -65079,13 +65084,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.qnap.com/en-uk/security-advisory/qsa-21-58 + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: QOPPA - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex XDR Agent cves: cve-2021-4104: investigated: false @@ -65108,13 +65113,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://kbdeveloper.qoppa.com/cve-2021-44228-apache-log4j-vulnerability/ + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: QSC Q-SYS - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex Xpanse cves: cve-2021-4104: investigated: false @@ -65137,13 +65142,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228 + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: QT - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Cortex XSOAR cves: cve-2021-4104: investigated: false @@ -65166,13 +65171,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Quest Global - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Expedition cves: cve-2021-4104: investigated: false @@ -65195,13 +65200,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Runecast - product: Runecast Analyzer + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: GlobalProtect App cves: cve-2021-4104: investigated: false @@ -65209,10 +65214,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - 6.0.3 + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -65225,13 +65229,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.runecast.com/release-notes + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SAE-IT - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: IoT Security cves: cve-2021-4104: investigated: false @@ -65254,13 +65258,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SAFE FME Server - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Okyo Grade cves: cve-2021-4104: investigated: false @@ -65283,13 +65287,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SAGE - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Palo-Alto Networks-OS for Firewall and Wildfire cves: cve-2021-4104: investigated: false @@ -65312,13 +65316,47 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228 + - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SailPoint - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Palo-Alto Networks-OS for Panorama + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - '9.0' + - '9.1' + - '10.0' + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' + references: + - Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will + be updated when hot fixes for the affected Panorama versions are available. + PAN-OS for Panorama versions 8.1, 10.1 are not affected. + last_updated: '2021-12-15T00:00:00' + - vendor: Palo-Alto Networks + product: Prisma Access cves: cve-2021-4104: investigated: false @@ -65341,14 +65379,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681 - notes: This advisory is available to customers only and has not been reviewed - by CISA + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Salesforce - product: Analytics Cloud + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Prisma Cloud cves: cve-2021-4104: investigated: false @@ -65371,15 +65408,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Analytics Cloud is reported to be affected by CVE-2021-44228. Services - have been updated to mitigate the issues identified in CVE-2021-44228 and we - are executing our final validation steps."' + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: B2C Commerce Cloud + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: Prisma Cloud Compute cves: cve-2021-4104: investigated: false @@ -65402,14 +65437,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The - service is being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: ClickSoftware (As-a-Service) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: SaaS Security cves: cve-2021-4104: investigated: false @@ -65432,14 +65466,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. - The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: ClickSoftware (On-Premise) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: User-ID Agent cves: cve-2021-4104: investigated: false @@ -65462,13 +65495,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Please contact Customer Support."' + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Community Cloud + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: WildFire Appliance cves: cve-2021-4104: investigated: false @@ -65491,14 +65524,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Community Cloud is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Data.com + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Palo-Alto Networks + product: WildFire Cloud cves: cve-2021-4104: investigated: false @@ -65521,15 +65553,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Data.com is reported to be affected by CVE-2021-44228. The service has - a mitigation in place and is being updated to remediate the vulnerability identified in - CVE-2021-44228."' + - https://security.paloaltonetworks.com/CVE-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: DataLoader + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Panopto + product: '' cves: cve-2021-4104: investigated: false @@ -65537,10 +65567,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - <=53.0.0 + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -65553,13 +65582,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1 + - https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Salesforce - product: Datorama + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PaperCut + product: PaperCut MF cves: cve-2021-4104: investigated: false @@ -65567,10 +65596,43 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: + - 21.0 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.papercut.com/support/known-issues/?id=PO-684#ng + notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted + by this. Workaround manual steps available in reference. Upgrade to PaperCut + NG/MF version 21.2.3 Now Available to resolve. + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: PaperCut + product: PaperCut NG + cves: + cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 21.0 and later + fixed_versions: [] + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -65582,15 +65644,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Datorama is reported to be affected by CVE-2021-44228. The service has - a mitigation in place and is being updated to remediate the vulnerability identified in - CVE-2021-44228."' + - https://www.papercut.com/support/known-issues/?id=PO-684#ng + notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted + by this. Workaround manual steps available in reference. Upgrade to PaperCut + NG/MF version 21.2.3 Now Available to resolve. references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Evergage (Interaction Studio) + last_updated: '2021-12-16T00:00:00' + - vendor: Parallels + product: '' cves: cve-2021-4104: investigated: false @@ -65613,15 +65675,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. - Services have been updated to mitigate the issues identified in CVE-2021-44228 - and we are executing our final validation steps."' + - https://kb.parallels.com/en/128696 + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Force.com + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Parse.ly + product: '' cves: cve-2021-4104: investigated: false @@ -65644,14 +65704,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Force.com is reported to be affected by CVE-2021-44228. The service is - being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://blog.parse.ly/parse-ly-log4shell/ + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Heroku + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PBXMonitor + product: RMM for 3CX PBX cves: cve-2021-4104: investigated: false @@ -65674,14 +65733,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Heroku is reported to not be affected by CVE-2021-44228; no further action - is necessary at this time."' + - https://www.pbxmonitor.net/changelog.php + notes: Mirror Servers were also checked to ensure Log4J was not installed or being + used by any of our systems. references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Marketing Cloud + last_updated: '2021-12-22T00:00:00' + - vendor: Pega + product: '' cves: cve-2021-4104: investigated: false @@ -65704,14 +65763,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Marketing Cloud is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: MuleSoft (Cloud) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pentaho + product: '' cves: cve-2021-4104: investigated: false @@ -65734,14 +65792,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho- + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: MuleSoft (On-Premise) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pepperl+Fuchs + product: '' cves: cve-2021-4104: investigated: false @@ -65764,13 +65821,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Please contact Customer Support."' + - https://www.pepperl-fuchs.com/global/en/29079.htm + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Pardot + last_updated: '2021-12-21T00:00:00' + - vendor: Percona + product: '' cves: cve-2021-4104: investigated: false @@ -65793,14 +65850,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Pardot is reported to be affected by CVE-2021-44228. The service is being - updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://www.percona.com/blog/log4jshell-vulnerability-update/ + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Sales Cloud + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pexip + product: '' cves: cve-2021-4104: investigated: false @@ -65823,14 +65879,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Sales Cloud is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Service Cloud + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Phenix Id + product: '' cves: cve-2021-4104: investigated: false @@ -65853,14 +65908,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Service Cloud is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://support.phenixid.se/uncategorized/log4j-fix/ + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Slack + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Philips + product: Multiple products cves: cve-2021-4104: investigated: false @@ -65883,15 +65937,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Slack is reported to be affected by CVE-2021-44228. The service has a - mitigation in place and is being updated to remediate the vulnerability identified in - CVE-2021-44228."' + - https://www.philips.com/a-w/security/security-advisories.html + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Social Studio + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PHOENIX CONTACT + product: Cloud Services cves: cve-2021-4104: investigated: false @@ -65914,15 +65966,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Social Studio is reported to be affected by CVE-2021-44228. The service - has a mitigation in place and is being updated to remediate the vulnerability - identified in CVE-2021-44228."' + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: Partly affected. Remediations are being implemented. references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Salesforce - product: Tableau (On-Premise) + last_updated: '2021-12-22T00:00:00' + - vendor: PHOENIX CONTACT + product: Physical products containing firmware cves: cve-2021-4104: investigated: false @@ -65930,10 +65980,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - < 2021.4.1 + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -65946,13 +65995,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell - notes: Fixed in 2021.4.1 + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: '' references: - '' - last_updated: '2021-12-16T00:00:00' - - vendor: Salesforce - product: Tableau (Online) + last_updated: '2021-12-22T00:00:00' + - vendor: PHOENIX CONTACT + product: Software Products cves: cve-2021-4104: investigated: false @@ -65975,14 +66024,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Tableau (Online) is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf + notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: Samsung Electronics America - product: Knox Admin Portal + last_updated: '2021-12-22T00:00:00' + - vendor: Ping Identity + product: PingAccess cves: cve-2021-4104: investigated: false @@ -65991,29 +66039,28 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - 4.0 <= version <= 6.3.2 fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45046: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Asset Intelligence + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingCentral cves: cve-2021-4104: investigated: false @@ -66021,61 +66068,28 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All - cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services - notes: '' - references: - - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Configure - cves: - cve-2021-4104: + cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All - cve-2021-45046: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - All cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox E-FOTA One + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate cves: cve-2021-4104: investigated: false @@ -66084,29 +66098,28 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - 8.0 <= version <= 10.3.4 fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45046: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Guard + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate Java Integration Kit cves: cve-2021-4104: investigated: false @@ -66115,29 +66128,28 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - < 2.7.2 fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45046: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox License Management + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingFederate OAuth Playground cves: cve-2021-4104: investigated: false @@ -66146,29 +66158,28 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - < 4.3.1 fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45046: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Manage + last_updated: '2021-12-15T00:00:00' + - vendor: Ping Identity + product: PingIntelligence cves: cve-2021-4104: investigated: false @@ -66176,16 +66187,14 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - Cloud + fixed_versions: [] unaffected_versions: [] cve-2021-45046: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - Cloud + fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false @@ -66193,13 +66202,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Managed Services Provider (MSP) + last_updated: '2021-12-15T00:00:00' + - vendor: Pitney Bowes + product: '' cves: cve-2021-4104: investigated: false @@ -66207,30 +66216,28 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45046: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + - https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html notes: '' references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Mobile Enrollment + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Planmeca + product: '' cves: cve-2021-4104: investigated: false @@ -66238,30 +66245,28 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45046: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All + unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + - https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/ notes: '' references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Samsung Electronics America - product: Knox Reseller Portal + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Planon Software + product: '' cves: cve-2021-4104: investigated: false @@ -66269,16 +66274,14 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - Cloud + fixed_versions: [] unaffected_versions: [] cve-2021-45046: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - Cloud + fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false @@ -66286,12 +66289,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services - notes: '' + - https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/ + notes: This advisory is available for customers only and has not been reviewed + by CISA references: - '' - last_updated: '2022-01-17T00:00:00' - - vendor: Sangoma + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Platform.SH product: '' cves: cve-2021-4104: @@ -66315,12 +66319,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.sangoma.com/community/s/article/Log4Shell + - https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/ notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SAP + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Plesk product: '' cves: cve-2021-4104: @@ -66344,14 +66348,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf - notes: This advisory is available to customers only and has not been reviewed - by CISA + - https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache + notes: '' references: - '' - last_updated: '2021-12-17T00:00:00' - - vendor: SAP Advanced Platform - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Plex + product: Plex Industrial IoT cves: cve-2021-4104: investigated: false @@ -66374,13 +66377,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://launchpad.support.sap.com/#/notes/3130698 - notes: This advisory is available to customers only and has not been reviewed - by CISA + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: The product has been updated to Log4j version 2.15. An additional patch + is being developed to update to 2.16. No user interaction is required. references: - '' - last_updated: '2021-12-17T00:00:00' - - vendor: SAP BusinessObjects + last_updated: '2021-12-15T00:00:00' + - vendor: Polycom product: '' cves: cve-2021-4104: @@ -66404,13 +66407,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/ - notes: The support document is available to customers only and has not been reviewed - by CISA + - https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf + notes: '' references: - '' - last_updated: '2021-12-17T00:00:00' - - vendor: SAS + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Portainer product: '' cves: cve-2021-4104: @@ -66434,12 +66436,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html + - https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SASSAFRAS + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PortSwigger product: '' cves: cve-2021-4104: @@ -66463,12 +66465,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sassafras.com/log4j-vulnerability-cve-2021-44228/ + - https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Savignano software solutions + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PostGreSQL product: '' cves: cve-2021-4104: @@ -66492,13 +66494,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://savignano.atlassian.net/wiki/spaces/SNOTIFY/blog/2021/12/13/2839740417/No+Log4j+Vulnerability+in+S+Notify + - https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/ notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SBT - product: SBT + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Postman + product: '' cves: cve-2021-4104: investigated: false @@ -66506,9 +66508,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - <1.5.6 + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66522,13 +66523,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://github.com/sbt/sbt/releases/tag/v1.5.7 + - https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228- notes: '' references: - '' - last_updated: '2021-12-15T00:00:00' - - vendor: ScaleComputing - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Power Admin LLC + product: PA File Sight cves: cve-2021-4104: investigated: false @@ -66536,10 +66537,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - NONE cve-2021-45046: investigated: false affected_versions: [] @@ -66550,15 +66552,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://community.scalecomputing.com/s/article/Apache-Log4j-Vulnerability - notes: This advisory is available to customers only and has not been reviewed - by CISA + vendor_links: [] + notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: ScaleFusion MobileLock Pro - product: '' + last_updated: '2021-12-17T00:00:00' + - vendor: Power Admin LLC + product: PA Server Monitor cves: cve-2021-4104: investigated: false @@ -66566,10 +66566,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - NONE cve-2021-45046: investigated: false affected_versions: [] @@ -66580,14 +66581,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://help.mobilock.in/article/t9sx43yg44-scalefusion-security-advisory-for-apache-log-4-j-vulnerability-cve-2021-44228 + vendor_links: [] notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Schneider Electric - product: EASYFIT + last_updated: '2021-12-17T00:00:00' + - vendor: Power Admin LLC + product: PA Storage Monitor cves: cve-2021-4104: investigated: false @@ -66596,10 +66596,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - Current software and earlier + affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - NONE cve-2021-45046: investigated: false affected_versions: [] @@ -66610,14 +66610,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + vendor_links: [] notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: Ecoreal XL + last_updated: '2021-12-17T00:00:00' + - vendor: Pretix + product: '' cves: cve-2021-4104: investigated: false @@ -66625,9 +66624,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66641,13 +66639,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://pretix.eu/about/de/blog/20211213-log4j/ notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: EcoStruxure IT Expert + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PrimeKey + product: '' cves: cve-2021-4104: investigated: false @@ -66655,10 +66653,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - Cloud + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -66670,13 +66667,14 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: [] + vendor_links: + - https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: EcoStruxure IT Gateway + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Progress / IpSwitch + product: '' cves: cve-2021-4104: investigated: false @@ -66684,10 +66682,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - V1.5.0 to V1.13.0 + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -66700,13 +66697,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/ + - https://www.progress.com/security notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: Eurotherm Data Reviewer + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ProofPoint + product: '' cves: cve-2021-4104: investigated: false @@ -66714,9 +66711,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - V3.0.2 and prior + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66730,13 +66726,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ - notes: '' + - https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2 + notes: This advisory is available for customers only and has not been reviewed + by CISA references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: Facility Expert Small Business + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ProSeS + product: '' cves: cve-2021-4104: investigated: false @@ -66744,10 +66741,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - Cloud + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -66760,13 +66756,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/ notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: MSE + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Prosys + product: '' cves: cve-2021-4104: investigated: false @@ -66774,9 +66770,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66790,13 +66785,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://prosysopc.com/news/important-security-release/ notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: NetBotz750/755 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Proxmox + product: '' cves: cve-2021-4104: investigated: false @@ -66804,9 +66799,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Software versions 5.0 through 5.3.0 + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66820,13 +66814,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880 notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: NEW630 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PRTG Paessler + product: '' cves: cve-2021-4104: investigated: false @@ -66834,9 +66828,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66850,13 +66843,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228 notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SDK BOM + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: PTC + product: Axeda Platform cves: cve-2021-4104: investigated: false @@ -66866,7 +66859,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - Current software and earlier + - 6.9.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66880,13 +66873,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://www.ptc.com/en/support/article/CS358990 notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SDK-Docgen + last_updated: '2021-12-17T00:00:00' + - vendor: PTC + product: ThingsWorx Analytics cves: cve-2021-4104: investigated: false @@ -66896,7 +66889,11 @@ software: cve-2021-44228: investigated: true affected_versions: - - Current software and earlier + - '8.5' + - '9.0' + - '9.1' + - '9.2' + - All supported versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66910,13 +66907,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://www.ptc.com/en/support/article/CS358901 notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SDK-TNC + last_updated: '2021-12-17T00:00:00' + - vendor: PTC + product: ThingsWorx Platform cves: cve-2021-4104: investigated: false @@ -66926,7 +66923,11 @@ software: cve-2021-44228: investigated: true affected_versions: - - Current software and earlier + - '8.5' + - '9.0' + - '9.1' + - '9.2' + - All supported versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66940,13 +66941,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://www.ptc.com/en/support/article/CS358901 notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SDK-UMS + last_updated: '2021-12-17T00:00:00' + - vendor: PTV Group + product: '' cves: cve-2021-4104: investigated: false @@ -66954,9 +66955,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -66970,13 +66970,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SDK3D2DRenderer + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Connect Secure (ICS) cves: cve-2021-4104: investigated: false @@ -66984,9 +66984,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67000,13 +66999,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SDK3D360Widget + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for secure Access cves: cve-2021-4104: investigated: false @@ -67014,9 +67013,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67030,13 +67028,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: Select and Config DATA + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for secure Access cves: cve-2021-4104: investigated: false @@ -67044,9 +67042,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67060,13 +67057,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SNC-API + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for ZTA cves: cve-2021-4104: investigated: false @@ -67074,9 +67071,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67090,13 +67086,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SNC-CMM + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Ivanti Neurons for ZTA cves: cve-2021-4104: investigated: false @@ -67104,9 +67100,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67120,13 +67115,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SNCSEMTECH + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Connect Secure cves: cve-2021-4104: investigated: false @@ -67134,9 +67129,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67150,13 +67144,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SPIMV3 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Desktop Client cves: cve-2021-4104: investigated: false @@ -67164,9 +67158,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67180,13 +67173,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SWBEditor + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Mobile Client cves: cve-2021-4104: investigated: false @@ -67194,9 +67187,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67210,13 +67202,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: SWBEngine + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse One cves: cve-2021-4104: investigated: false @@ -67224,9 +67216,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - Current software and earlier + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67240,13 +67231,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.se.com/us/en/download/document/7EN52-0390/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schneider Electric - product: Wiser by SE platform + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Policy Secure cves: cve-2021-4104: investigated: false @@ -67254,10 +67245,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - Cloud + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -67269,13 +67259,14 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: [] + vendor_links: + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Schweitzer Engineering Laboratories - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Services Director cves: cve-2021-4104: investigated: false @@ -67298,42 +67289,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://selinc.com/support/security-notifications/ + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: SCM Manager - product: '' - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://scm-manager.org/blog/posts/2021-12-13-log4shell/ - notes: '' - references: - - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: ScreenBeam - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Virtual Traffic Manager cves: cve-2021-4104: investigated: false @@ -67356,13 +67318,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://customersupport.screenbeam.com/hc/en-us/articles/4416468085389-December-2021-Security-Alert-Log4j-CVE-2021-44228 + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SDL worldServer - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse Secure Web Application Firewall cves: cve-2021-4104: investigated: false @@ -67385,13 +67347,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://gateway.sdl.com/apex/communityknowledge?articleName=000017707 + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Seagull Scientific - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pulse Secure + product: Pulse ZTA cves: cve-2021-4104: investigated: false @@ -67414,12 +67376,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability + - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SecurePoint + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Puppet product: '' cves: cve-2021-4104: @@ -67443,12 +67405,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html + - https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Security Onion + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pure Storage product: '' cves: cve-2021-4104: @@ -67472,13 +67434,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html - notes: '' + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) + notes: This advisory is available for customers only and has not been reviewed + by CISA references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Securonix - product: Extended Detection and Response (XDR) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Pure Storage + product: Cloud Blockstore cves: cve-2021-4104: investigated: false @@ -67488,7 +67451,8 @@ software: cve-2021-44228: investigated: true affected_versions: - - All + - CBS6.1.x + - CBS6.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67502,13 +67466,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf - notes: Patching ongoing as of 12/10/2021 + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/27/2021 references: - '' - last_updated: '2021-12-10T00:00:00' - - vendor: Securonix - product: Next Gen SIEM + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Flash Array cves: cve-2021-4104: investigated: false @@ -67518,7 +67482,10 @@ software: cve-2021-44228: investigated: true affected_versions: - - All + - 5.3.x + - 6.0.x + - 6.1.x + - 6.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67532,13 +67499,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf - notes: Patching ongoing as of 12/10/2021 + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/20/2021 references: - '' - last_updated: '2021-12-10T00:00:00' - - vendor: Securonix - product: Security Analytics and Operations Platform (SOAR) + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: FlashBlade cves: cve-2021-4104: investigated: false @@ -67548,36 +67515,9 @@ software: cve-2021-44228: investigated: true affected_versions: - - All - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf - notes: Patching ongoing as of 12/10/2021 - references: - - '' - last_updated: '2021-12-10T00:00:00' - - vendor: Securonix - product: SNYPR Application - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] + - 3.1.x + - 3.2.x + - 3.3.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67591,13 +67531,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf - notes: '' + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: Patch expected 12/24/2021 references: - '' - last_updated: '2021-12-10T00:00:00' - - vendor: Securonix - product: User and Entity Behavior Analytics(UEBA) + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: PortWorx cves: cve-2021-4104: investigated: false @@ -67607,7 +67547,7 @@ software: cve-2021-44228: investigated: true affected_versions: - - All + - 2.8.0+ fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67621,13 +67561,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf - notes: Patching ongoing as of 12/10/2021 + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: '' references: - '' - last_updated: '2021-12-10T00:00:00' - - vendor: Seeburger - product: '' + last_updated: '2021-12-15T00:00:00' + - vendor: Pure Storage + product: Pure1 cves: cve-2021-4104: investigated: false @@ -67635,9 +67575,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - N/A unaffected_versions: [] cve-2021-45046: investigated: false @@ -67650,13 +67591,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open - notes: This advisory is available to customers only and has not been reviewed - by CISA. + - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j + notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SentinelOne + last_updated: '2021-12-15T00:00:00' + - vendor: Pyramid Analytics product: '' cves: cve-2021-4104: @@ -67680,12 +67620,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/ + - https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Sentry + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: QF-Test product: '' cves: cve-2021-4104: @@ -67709,12 +67649,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228 + - https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SEP + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Qlik product: '' cves: cve-2021-4104: @@ -67738,13 +67678,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132 + - https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Server Eye - product: '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: QMATIC + product: Appointment Booking cves: cve-2021-4104: investigated: false @@ -67752,8 +67692,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 2.4+ fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67767,13 +67708,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/ - notes: '' + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + notes: Update to v. 2.8.2 which contains log4j 2.16 references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: ServiceNow - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: QMATIC + product: Appointment Booking cves: cve-2021-4104: investigated: false @@ -67781,8 +67722,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - Cloud/Managed Service fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67796,13 +67738,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 - notes: '' + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + notes: log4j 2.16 applied 2021-12-15 references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Shibboleth - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: QMATIC + product: Insights cves: cve-2021-4104: investigated: false @@ -67810,8 +67752,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - Cloud fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -67825,13 +67768,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - http://shibboleth.net/pipermail/announce/2021-December/000253.html - notes: '' + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability + notes: log4j 2.16 applied 2021-12-16 references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Shibboleth - product: All Products + last_updated: '2021-12-21T00:00:00' + - vendor: QMATIC + product: Orchestra Central cves: cve-2021-4104: investigated: false @@ -67843,8 +67786,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - Identity Provider>=3.0 - - All other software versions + - 6.0+ cve-2021-45046: investigated: false affected_versions: [] @@ -67856,12 +67798,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://shibboleth.net/pipermail/announce/2021-December/000253.html + - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability notes: '' references: - '' - last_updated: '2021-12-10T00:00:00' - - vendor: Shopify + last_updated: '2021-12-21T00:00:00' + - vendor: QNAP product: '' cves: cve-2021-4104: @@ -67885,12 +67827,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625 + - https://www.qnap.com/en-uk/security-advisory/qsa-21-58 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Siebel + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: QOPPA product: '' cves: cve-2021-4104: @@ -67914,73 +67856,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html + - https://kbdeveloper.qoppa.com/cve-2021-44228-apache-log4j-vulnerability/ notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Siemens - product: Affected Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf - notes: 'Siemens requests: See pdf for the complete list of affected products, - CSAF for automated parsing of data' - references: - - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens - product: Affected Products - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - vendor_links: - - https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf - notes: 'Siemens requests: See pdf for the complete list of affected products, - CSAF for automated parsing of data' - references: - - '' - last_updated: '2021-12-19T00:00:00' - - vendor: Siemens Energy - product: Affected Products + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: QSC Q-SYS + product: '' cves: cve-2021-4104: investigated: false @@ -68003,14 +67885,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf - notes: 'Siemens requests: See pdf for the complete list of affected products, - CSAF for automated parsing of data' + - https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: Siemens Energy - product: Affected Products + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: QT + product: '' cves: cve-2021-4104: investigated: false @@ -68033,14 +67914,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf - notes: 'Siemens requests: See pdf for the complete list of affected products, - CSAF for automated parsing of data' + - https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability + notes: '' references: - '' - last_updated: '2021-12-20T00:00:00' - - vendor: Siemens Energy - product: Affected Products + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Quest Global + product: '' cves: cve-2021-4104: investigated: false @@ -68063,14 +67943,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf - notes: 'Siemens requests: See pdf for the complete list of affected products, - CSAF for automated parsing of data' + - https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global + notes: '' references: - '' - last_updated: '2021-12-16T00:00:00' - - vendor: Siemens Healthineers - product: ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: R + product: R cves: cve-2021-4104: investigated: false @@ -68078,10 +67957,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - 4.1.1 cve-2021-45046: investigated: false affected_versions: [] @@ -68093,15 +67973,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: If you have determined that your Atellica Data Manager has a “Java communication - engine” service, and you require an immediate mitigation, then please contact - your Siemens Customer Care Center or your local Siemens technical support representative. + - https://www.r-project.org/ + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: CENTRALINK v16.0.2 / v16.0.3 + last_updated: '2021-12-21T00:00:00' + - vendor: R2ediviewer + product: '' cves: cve-2021-4104: investigated: false @@ -68124,15 +68002,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: If you have determined that your CentraLink has a “Java communication engine” - service, and you require a mitigation, then please contact your Siemens Customer - Care Center or your local Siemens technical support representative. + - https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Cios Flow S1 / Alpha / Spin VA30 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Radware + product: '' cves: cve-2021-4104: investigated: false @@ -68155,13 +68031,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing + - https://support.radware.com/app/answers/answer_view/a_id/1029752 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Cios Select FD/I.I. VA21 / VA21-S3P + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rapid7 + product: AlcidekArt, kAdvisor, and kAudit cves: cve-2021-4104: investigated: false @@ -68169,10 +68045,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68184,13 +68061,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: DICOM Proxy VB10A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: AppSpider Enterprise cves: cve-2021-4104: investigated: false @@ -68198,10 +68075,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68213,13 +68091,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: remove the vulnerable class from the .jar file' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: go.All, Som10 VA20 / VA30 / VA40 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: AppSpider Pro cves: cve-2021-4104: investigated: false @@ -68227,10 +68105,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68242,14 +68121,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: go.Fit, Som10 VA30 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Insight Agent cves: cve-2021-4104: investigated: false @@ -68257,10 +68135,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68272,14 +68151,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: go.Now, Som10 VA10 / VA20 / VA30 / VA40 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightAppSec Scan Engine cves: cve-2021-4104: investigated: false @@ -68287,10 +68165,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68302,14 +68181,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: go.Open Pro, Som10 VA30 / VA40 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightAppSec Scan Engine cves: cve-2021-4104: investigated: false @@ -68317,10 +68195,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68332,14 +68211,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: go.Sim, Som10 VA30 / VA40 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightCloudSec/DivvyCloud cves: cve-2021-4104: investigated: false @@ -68347,10 +68225,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68362,14 +68241,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightConnect Orchestrator cves: cve-2021-4104: investigated: false @@ -68377,10 +68255,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68392,14 +68271,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: go.Up, Som10 VA10 / VA20 / VA30 / VA40 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightIDR Network Sensor cves: cve-2021-4104: investigated: false @@ -68407,10 +68285,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68422,15 +68301,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA - 3T NUMARIS/X VA30A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightIDR/InsightOps Collector & Event Sources cves: cve-2021-4104: investigated: false @@ -68438,10 +68315,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68453,15 +68331,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Altea NUMARIS/X VA20A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps DataHub cves: cve-2021-4104: investigated: false @@ -68469,8 +68345,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - InsightOps DataHub <= 2.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -68484,16 +68361,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) + using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X - VA31A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps non-Java logging libraries cves: cve-2021-4104: investigated: false @@ -68501,10 +68376,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68516,15 +68392,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Amira NUMARIS/X VA12M + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightOps r7insight_java logging library cves: cve-2021-4104: investigated: false @@ -68532,8 +68406,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - <=3.0.8 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -68547,15 +68422,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Free.Max NUMARIS/X VA40 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM Kubernetes Monitor cves: cve-2021-4104: investigated: false @@ -68563,10 +68436,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68578,15 +68452,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Lumina NUMARIS/X VA20A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose cves: cve-2021-4104: investigated: false @@ -68594,10 +68466,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68609,15 +68482,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Sempra NUMARIS/X VA12M + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose Console cves: cve-2021-4104: investigated: false @@ -68625,10 +68496,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68640,15 +68512,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” + packaged in them. This is a different library than log4j-core and is not vulnerable + to Log4Shell. references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Sola fit NUMARIS/X VA20A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: InsightVM/Nexpose Engine cves: cve-2021-4104: investigated: false @@ -68656,10 +68528,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68671,15 +68544,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” + packaged in them. This is a different library than log4j-core and is not vulnerable + to Log4Shell. references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Sola NUMARIS/X VA20A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: IntSights virtual appliance cves: cve-2021-4104: investigated: false @@ -68687,10 +68560,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68702,15 +68576,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Vida fit NUMARIS/X VA20A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Logentries DataHub cves: cve-2021-4104: investigated: false @@ -68718,8 +68590,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -68733,15 +68606,16 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: 'Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). + Windows: Run version 1.2.0.822 in a Docker container or as a Java command per + these [instructions](https://docs.logentries.com/docs/datahub-windows). You + can find more details [here](https://docs.logentries.com/docs/datahub-linux).' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: MAGNETOM Vida NUMARIS/X VA10A* / VA20A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Logentries le_java logging library cves: cve-2021-4104: investigated: false @@ -68749,8 +68623,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 'All versions: this is a deprecated component' fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -68764,15 +68639,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'LOG4J is used in the context of the help system. Workaround: close port - 8090 for standalone systems. Setup IP whitelisting for "need to access" systems - to network port 8090 in case a second console is connected.' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Metasploit Framework cves: cve-2021-4104: investigated: false @@ -68780,10 +68653,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68795,13 +68669,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Somatom Emotion Som5 VC50 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Metasploit Pro cves: cve-2021-4104: investigated: false @@ -68809,10 +68683,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68824,13 +68699,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: Metasploit Pro ships with log4j but has specific configurations applied + to it that mitigate Log4Shell. A future update will contain a fully patched + version of log4j. references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Somatom Scope Som5 VC50 + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: tCell Java Agent cves: cve-2021-4104: investigated: false @@ -68838,10 +68715,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68853,13 +68731,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: evaluation ongoing + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A + last_updated: '2021-12-15T00:00:00' + - vendor: Rapid7 + product: Velociraptor cves: cve-2021-4104: investigated: false @@ -68867,10 +68745,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - on-prem cve-2021-45046: investigated: false affected_versions: [] @@ -68882,13 +68761,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: remove the vulnerable class from the .jar file' + - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: Syngo MobileViewer VA10A + last_updated: '2021-12-15T00:00:00' + - vendor: Raritan + product: '' cves: cve-2021-4104: investigated: false @@ -68911,14 +68790,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: The vulnerability will be patch/mitigated in upcoming releases\patches. + - https://www.raritan.com/support + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 - / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ravelin + product: '' cves: cve-2021-4104: investigated: false @@ -68941,14 +68819,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: remove the vulnerable class from the .jar file' + - https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Real-Time Innovations (RTI) + product: Distributed Logger cves: cve-2021-4104: investigated: false @@ -68971,16 +68848,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: Please contact your Customer Service to get support on mitigating the vulnerability. + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 - - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B - / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 - / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: Recording Console cves: cve-2021-4104: investigated: false @@ -69003,13 +68877,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: remove the vulnerable class from the .jar file' + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: syngo.via WebViewer VA13B / VA20A / VA20B + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Administration Console cves: cve-2021-4104: investigated: false @@ -69032,13 +68906,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: remove the vulnerable class from the .jar file' + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: X.Ceed Somaris 10 VA40* + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Code Generator cves: cve-2021-4104: investigated: false @@ -69061,14 +68935,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Siemens Healthineers - product: X.Cite Somaris 10 VA30*/VA40* + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Code Generator Server cves: cve-2021-4104: investigated: false @@ -69091,14 +68964,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 - notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 - from other devices by configuration of the hospital network.' + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' references: - '' - last_updated: '2021-12-22T00:00:00' - - vendor: Sierra Wireless - product: '' + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Micro Application Generator (MAG) cves: cve-2021-4104: investigated: false @@ -69106,8 +68978,12 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - as part of RTI Connext Micro 3.0.0 + - 3.0.1 + - 3.0.2 + - 3.0.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -69121,13 +68997,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/ + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Sierra Wireless - product: AirVantage and Octave cloud platforms + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Micro Application Generator (MAG) cves: cve-2021-4104: investigated: false @@ -69135,8 +69011,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - as part of RTI Connext Professional 6.0.0 and 6.0.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -69150,14 +69027,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs - notes: These systems do not operate with the specific non-standard configuration - required for CVE-2021-25046 and hence were not vulnerable to it. + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products + notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Sierra Wireless - product: AM/AMM servers + last_updated: '2021-12-16T00:00:00' + - vendor: Real-Time Innovations (RTI) + product: RTI Monitor cves: cve-2021-4104: investigated: false @@ -69180,13 +69056,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs + - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Signald - product: '' + last_updated: '2021-12-16T00:00:00' + - vendor: Red Hat + product: log4j-core cves: cve-2021-4104: investigated: false @@ -69209,13 +69085,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://gitlab.com/signald/signald/-/issues/259 + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Silver Peak - product: Orchestrator, Silver Peak GMS + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Integration Camel K cves: cve-2021-4104: investigated: false @@ -69238,16 +69114,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf - notes: Customer managed Orchestrator and legacy GMS products are affected by this - vulnerability. This includes on-premise and customer managed instances running - in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective - Action Required for details about how to mitigate this exploit. + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130)' references: - '' - last_updated: '2021-12-14T00:00:00' - - vendor: SingleWire - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat build of Quarkus cves: cve-2021-4104: investigated: false @@ -69270,14 +69143,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.singlewire.com/s/article/Apache-Log4j2-vulnerability-CVE-2021-44228 - notes: This advisory is available to customers only and has not been reviewed - by CISA + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SISCO - product: '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat CodeReady Studio cves: cve-2021-4104: investigated: false @@ -69285,9 +69157,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - 12.21.0 unaffected_versions: [] cve-2021-45046: investigated: false @@ -69300,13 +69173,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://sisconet.com/sisco-news/log4j/ - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso)' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Sitecore - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Data Grid cves: cve-2021-4104: investigated: false @@ -69314,10 +69187,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '8' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Decision Manager + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' cve-2021-45046: investigated: false affected_versions: [] @@ -69329,13 +69233,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1001391 + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Skillable - product: '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux cves: cve-2021-4104: investigated: false @@ -69343,10 +69247,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '6' cve-2021-45046: investigated: false affected_versions: [] @@ -69358,13 +69263,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://skillable.com/log4shell/ + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SLF4J - product: '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux cves: cve-2021-4104: investigated: false @@ -69372,10 +69277,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '7' cve-2021-45046: investigated: false affected_versions: [] @@ -69387,13 +69293,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - http://slf4j.org/log4shell.html + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Slurm - product: Slurm + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Enterprise Linux cves: cve-2021-4104: investigated: false @@ -69405,7 +69311,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 20.11.8 + - '8' cve-2021-45046: investigated: false affected_versions: [] @@ -69417,13 +69323,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://slurm.schedmd.com/documentation.html + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' - last_updated: '2021-12-21T00:00:00' - - vendor: SMA Solar Technology AG - product: '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat Integration Camel Quarkus cves: cve-2021-4104: investigated: false @@ -69446,13 +69352,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://files.sma.de/downloads/HK_Log4j-en-10.pdf?_ga=2.237963714.352491368.1640298543-2015796445.1640298540 - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126)' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: SmartBear - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss A-MQ Streaming cves: cve-2021-4104: investigated: false @@ -69475,13 +69381,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://smartbear.com/security/cve-2021-44228/ - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138)' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SmileCDR - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Enterprise Application Platform cves: cve-2021-4104: investigated: false @@ -69489,10 +69395,43 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4)\ + \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ + \ affected." + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Enterprise Application Platform Expansion Pack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '7' cve-2021-45046: investigated: false affected_versions: [] @@ -69504,13 +69443,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Sn0m - product: '' + last_updated: '2021-12-20T00:00:00' + - vendor: Red Hat + product: Red Hat JBoss Fuse cves: cve-2021-4104: investigated: false @@ -69518,10 +69457,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134)' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Process Automation + cves: + cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '7' + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -69533,13 +69503,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/ - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches)\ + \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ + \ affected." references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Snakemake - product: Snakemake + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Red Hat Single Sign-On cves: cve-2021-4104: investigated: false @@ -69551,7 +69523,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 6.12.1 + - '7' cve-2021-45046: investigated: false affected_versions: [] @@ -69563,13 +69535,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://snakemake.readthedocs.io/en/stable/ + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' last_updated: '2021-12-21T00:00:00' - - vendor: Snow Software - product: Snow Commander + - vendor: Red Hat + product: Red Hat Vert.X cves: cve-2021-4104: investigated: false @@ -69580,7 +69552,7 @@ software: investigated: true affected_versions: [] fixed_versions: - - 8.1 to 8.10.2 + - '4' unaffected_versions: [] cve-2021-45046: investigated: false @@ -69593,13 +69565,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093)' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Snow Software - product: VM Access Proxy + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Satellite 5 cves: cve-2021-4104: investigated: false @@ -69607,10 +69579,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - v3.1 to v3.6 + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -69623,13 +69594,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Snowflake - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat + product: Spacewalk cves: cve-2021-4104: investigated: false @@ -69652,13 +69623,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228 + - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Snyk - product: Cloud Platform + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 3.11 + product: openshift3/ose-logging-elasticsearch5 cves: cve-2021-4104: investigated: false @@ -69681,13 +69652,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://updates.snyk.io/snyk%27s-cloud-platform-all-clear-from-log4j-exploits-216499 - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '[RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094)' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Software AG - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-logging-elasticsearch6 cves: cve-2021-4104: investigated: false @@ -69710,13 +69681,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849 - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: SolarWinds - product: Database Performance Analyzer (DPA) + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-metering-hive cves: cve-2021-4104: investigated: false @@ -69724,11 +69696,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - 2021.1.x - - 2021.3.x - - 2022.1.x + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -69742,13 +69711,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 - notes: 'For more information, please see the following KB article: [link](https://support.solarwinds.com/SuccessCenter/s/article/Database-Performance-Analyzer-DPA-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. references: - '' - last_updated: '2021-12-23T00:00:00' - - vendor: SolarWinds - product: Orion Platform + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Container Platform 4 + product: openshift4/ose-metering-presto cves: cve-2021-4104: investigated: false @@ -69771,13 +69741,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. references: - '' - last_updated: '2021-12-23T00:00:00' - - vendor: SolarWinds - product: Server & Application Monitor (SAM) + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenShift Logging + product: logging-elasticsearch6-container cves: cve-2021-4104: investigated: false @@ -69785,9 +69756,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - SAM 2020.2.6 and later + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -69801,14 +69771,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 - notes: 'For more information, please see the following KB article for the latest - details specific to the SAM hotfix: [link](https://support.solarwinds.com/SuccessCenter/s/article/Server-Application-Monitor-SAM-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: Please refer to Red Hat Customer Portal to find the right errata for your + version. references: - '' - last_updated: '2021-12-23T00:00:00' - - vendor: SonarSource - product: '' + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat OpenStack Platform 13 (Queens) + product: opendaylight cves: cve-2021-4104: investigated: false @@ -69831,13 +69801,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 - notes: '' + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: End of Life references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Sonatype - product: All Products + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-java-common-log4j cves: cve-2021-4104: investigated: false @@ -69845,11 +69815,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All Versions + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -69861,17 +69830,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://help.sonatype.com/docs/important-announcements/sonatype-product-log4j-vulnerability-status - notes: Sonatype uses logback as the default logging solution as opposed to log4j. - This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository - OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the - reported log4j vulnerabilities. We still advise keeping your software upgraded - at the latest version. + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-29T00:00:00' - - vendor: SonicWall - product: Access Points + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-maven35-log4j12 cves: cve-2021-4104: investigated: false @@ -69894,13 +69859,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the SonicWall Access Points + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: Analytics + last_updated: '2021-12-21T00:00:00' + - vendor: Red Hat Software Collections + product: rh-maven36-log4j12 cves: cve-2021-4104: investigated: false @@ -69923,13 +69888,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Under Review + - https://access.redhat.com/security/cve/cve-2021-44228 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: Analyzer + last_updated: '2021-12-21T00:00:00' + - vendor: Red5Pro + product: '' cves: cve-2021-4104: investigated: false @@ -69952,13 +69917,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Under Review + - https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/ + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: Capture Client & Capture Client Portal + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RedGate + product: '' cves: cve-2021-4104: investigated: false @@ -69981,13 +69946,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the Capture Client. + - https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: Capture Security Appliance + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Redis + product: '' cves: cve-2021-4104: investigated: false @@ -70010,13 +69975,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the Capture Security appliance. + - https://redis.com/security/notice-apache-log4j2-cve-2021-44228/ + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: CAS + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Reiner SCT + product: '' cves: cve-2021-4104: investigated: false @@ -70039,13 +70004,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Under Review + - https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: Email Security + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ReportURI + product: '' cves: cve-2021-4104: investigated: false @@ -70068,13 +70033,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: ES 10.0.11 and earlier versions are impacted + - https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/ + notes: '' references: - '' - last_updated: '2021-12-17T00:00:00' - - vendor: SonicWall - product: Gen5 Firewalls (EOS) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ResMed + product: AirView cves: cve-2021-4104: investigated: false @@ -70097,13 +70062,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the appliance. + - https://www.resmed.com/en-us/security/ + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: Gen6 Firewalls + last_updated: '2021-12-21T00:00:00' + - vendor: ResMed + product: myAir cves: cve-2021-4104: investigated: false @@ -70126,13 +70091,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the appliance. + - https://www.resmed.com/en-us/security/ + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: Gen7 Firewalls + last_updated: '2021-12-21T00:00:00' + - vendor: Respondus + product: '' cves: cve-2021-4104: investigated: false @@ -70155,13 +70120,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the appliance. + - https://support.respondus.com/support/index.php?/News/NewsItem/View/339 + notes: This advisory is available to customers only and has not been reviewed + by CISA references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: GMS + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Revenera / Flexera + product: '' cves: cve-2021-4104: investigated: false @@ -70184,13 +70150,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Under Review + - https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: MSW + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ricoh + product: '' cves: cve-2021-4104: investigated: false @@ -70213,13 +70179,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Mysonicwall service doesn't use Log4j + - https://www.ricoh.com/info/2021/1215_1/ + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: NSM + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RingCentral + product: '' cves: cve-2021-4104: investigated: false @@ -70242,13 +70208,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: NSM On-Prem and SaaS doesn't use a vulnerable version + - https://www.ringcentral.com/trust-center/security-bulletin.html + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: SMA 100 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Riverbed + product: '' cves: cve-2021-4104: investigated: false @@ -70271,13 +70237,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the SMA100 appliance. + - https://supportkb.riverbed.com/support/index?page=content&id=S35645 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: SMA 1000 + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rockwell Automation + product: FactoryTalk Analytics DataFlowML cves: cve-2021-4104: investigated: false @@ -70285,8 +70251,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 4.00.00 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -70300,13 +70267,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Version 12.1.0 and 12.4.1 doesn't use a vulnerable version + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: SonicCore + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: FactoryTalk Analytics DataView cves: cve-2021-4104: investigated: false @@ -70314,8 +70281,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 3.03.00 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -70329,13 +70297,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: SonicCore doesn't use a Log4j2 + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: SonicWall Switch + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: Industrial Data Center cves: cve-2021-4104: investigated: false @@ -70343,9 +70311,13 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - Gen 1 + - Gen 2 + - Gen 3 + - Gen 3.5 unaffected_versions: [] cve-2021-45046: investigated: false @@ -70358,13 +70330,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the SonicWall Switch. + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: WAF + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: MES EIG cves: cve-2021-4104: investigated: false @@ -70372,8 +70344,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 3.03.00 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -70387,13 +70360,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Under Review + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: Customers should upgrade to EIG Hub if possible or work with their local + representatives about alternative solutions. references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: WNM + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: VersaVirtual cves: cve-2021-4104: investigated: false @@ -70401,9 +70375,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - Series A unaffected_versions: [] cve-2021-45046: investigated: false @@ -70416,13 +70391,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: Log4j2 not used in the WNM. + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SonicWall - product: WXA + last_updated: '2021-12-15T00:00:00' + - vendor: Rockwell Automation + product: Warehouse Management cves: cve-2021-4104: investigated: false @@ -70430,8 +70405,12 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false - affected_versions: [] + investigated: true + affected_versions: + - 4.01.00 + - 4.02.00 + - 4.02.01 + - 4.02.02 fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -70445,13 +70424,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 - notes: WXA doesn't use a vulnerable version + - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: Cloud Optix + last_updated: '2021-12-15T00:00:00' + - vendor: Rollbar + product: '' cves: cve-2021-4104: investigated: false @@ -70474,15 +70453,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: Users may have noticed a brief outage around 12:30 GMT as updates were - deployed. There was no evidence that the vulnerability was exploited and to - our knowledge no customers are impacted. + - https://rollbar.com/blog/log4j-zero-day-2021-log4shell/ + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: Reflexion + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rosette.com + product: '' cves: cve-2021-4104: investigated: false @@ -70505,13 +70482,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: Reflexion does not run an exploitable configuration. + - https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: SG UTM (all versions) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager cves: cve-2021-4104: investigated: false @@ -70533,14 +70510,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: Sophos SG UTM does not use Log4j. + vendor_links: [] + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: SG UTM Manager (SUM) (all versions) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager Prime cves: cve-2021-4104: investigated: false @@ -70548,11 +70524,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - All versions + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -70563,14 +70538,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: SUM does not use Log4j. + vendor_links: [] + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: Sophos Central + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Authentication Manager WebTier cves: cve-2021-4104: investigated: false @@ -70592,14 +70566,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: Sophos Central does not run an exploitable configuration. + vendor_links: [] + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: Sophos Firewall (all versions) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Governance and Lifecycle cves: cve-2021-4104: investigated: false @@ -70621,14 +70594,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: Sophos Firewall does not use Log4j. + vendor_links: [] + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: Sophos Home + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Governance and Lifecycle Cloud cves: cve-2021-4104: investigated: false @@ -70650,14 +70622,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: Sophos Home does not use Log4j. + vendor_links: [] + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: Sophos Mobile + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA + product: SecurID Identity Router cves: cve-2021-4104: investigated: false @@ -70679,15 +70650,13 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable - configuration. + vendor_links: [] + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: Sophos Mobile EAS Proxy + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: RSA Netwitness + product: '' cves: cve-2021-4104: investigated: false @@ -70695,9 +70664,8 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: - - < 9.7.2 + investigated: false + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -70711,17 +70679,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers - will need to download and install version 9.7.2, available from Monday December - 13, 2021, on the same machine where it is currently running. PowerShell mode - is not affected. Customers can download the Standalone EAS Proxy Installer version - 9.7.2 from the Sophos website. + - https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540 + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: Sophos - product: Sophos ZTNA + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Rstudioapi + product: Rstudioapi cves: cve-2021-4104: investigated: false @@ -70729,10 +70693,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - '0.13' cve-2021-45046: investigated: false affected_versions: [] @@ -70744,12 +70709,12 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce - notes: Sophos ZTNA does not use Log4j. + - https://github.com/rstudio/rstudioapi + notes: '' references: - '' - last_updated: '2021-12-12T00:00:00' - - vendor: SOS Berlin + last_updated: '2021-12-21T00:00:00' + - vendor: Rubrik product: '' cves: cve-2021-4104: @@ -70773,13 +70738,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability - notes: '' + - https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK + notes: This advisory is available to customers only and has not been reviewed + by CISA references: - '' - last_updated: '2022-01-12T07:18:55+00:00' - - vendor: Spacelabs Healthcare - product: ABP + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ruckus + product: Virtual SmartZone (vSZ) cves: cve-2021-4104: investigated: false @@ -70788,12 +70754,10 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: [] + affected_versions: + - 5.1 to 6.0 fixed_versions: [] - unaffected_versions: - - OnTrak - - 90217A - - and 90207 + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -70805,13 +70769,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + - https://support.ruckuswireless.com/security_bulletins/313 notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: CardioExpress + last_updated: '2021-12-13T00:00:00' + - vendor: RunDeck by PagerDuty + product: '' cves: cve-2021-4104: investigated: false @@ -70819,13 +70783,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] fixed_versions: [] - unaffected_versions: - - SL6A - - SL12A - - and SL18A + unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] @@ -70837,13 +70798,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + - https://docs.rundeck.com/docs/history/CVEs/ notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: DM3 and DM4 Monitors + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Runecast + product: Runecast Analyzer cves: cve-2021-4104: investigated: false @@ -70851,9 +70812,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - 6.0.3 unaffected_versions: [] cve-2021-45046: investigated: false @@ -70866,13 +70828,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + - https://www.runecast.com/release-notes notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Eclipse Pro + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SAE-IT + product: '' cves: cve-2021-4104: investigated: false @@ -70895,13 +70857,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + - https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: EVO + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SAFE FME Server + product: '' cves: cve-2021-4104: investigated: false @@ -70924,13 +70886,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + - https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Intesys Clinical Suite (ICS) + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SAGE + product: '' cves: cve-2021-4104: investigated: false @@ -70953,13 +70915,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + - https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Intesys Clinical Suite (ICS) Clinical Access Workstations + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SailPoint + product: '' cves: cve-2021-4104: investigated: false @@ -70982,13 +70944,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' + - https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681 + notes: This advisory is available to customers only and has not been reviewed + by CISA references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Lifescreen Pro + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Salesforce + product: Analytics Cloud cves: cve-2021-4104: investigated: false @@ -71011,13 +70974,15 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Analytics Cloud is reported to be affected by CVE-2021-44228. Services + have been updated to mitigate the issues identified in CVE-2021-44228 and we + are executing our final validation steps."' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Pathfinder SL + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: B2C Commerce Cloud cves: cve-2021-4104: investigated: false @@ -71040,13 +71005,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The + service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Qube + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: ClickSoftware (As-a-Service) cves: cve-2021-4104: investigated: false @@ -71054,41 +71020,10 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - '91390' - cve-2021-45046: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] - vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' - references: - - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Qube Mini - cves: - cve-2021-4104: - investigated: false - affected_versions: [] - fixed_versions: [] - unaffected_versions: [] - cve-2021-44228: - investigated: true - affected_versions: [] - fixed_versions: [] - unaffected_versions: - - '91389' cve-2021-45046: investigated: false affected_versions: [] @@ -71100,13 +71035,14 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. + The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: SafeNSound + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: ClickSoftware (On-Premise) cves: cve-2021-4104: investigated: false @@ -71114,10 +71050,9 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: true + investigated: false affected_versions: [] - fixed_versions: - - 4.3.1 + fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false @@ -71130,13 +71065,13 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: Version >4.3.1 - Not Affected + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Please contact Customer Support."' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Sentinel + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Community Cloud cves: cve-2021-4104: investigated: false @@ -71159,13 +71094,5681 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ - notes: '' + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Community Cloud is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' - last_updated: '2022-01-05T00:00:00' - - vendor: Spacelabs Healthcare - product: Spacelabs Cloud + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Data.com + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Data.com is reported to be affected by CVE-2021-44228. The service has + a mitigation in place and is being updated to remediate the vulnerability identified in + CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: DataLoader + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - <=53.0.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1 + notes: '' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Salesforce + product: Datorama + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Datorama is reported to be affected by CVE-2021-44228. The service has + a mitigation in place and is being updated to remediate the vulnerability identified in + CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Evergage (Interaction Studio) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. + Services have been updated to mitigate the issues identified in CVE-2021-44228 + and we are executing our final validation steps."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Force.com + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Force.com is reported to be affected by CVE-2021-44228. The service is + being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Heroku + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Heroku is reported to not be affected by CVE-2021-44228; no further action + is necessary at this time."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Marketing Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Marketing Cloud is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: MuleSoft (Cloud) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: MuleSoft (On-Premise) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Please contact Customer Support."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Pardot + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Pardot is reported to be affected by CVE-2021-44228. The service is being + updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Sales Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Sales Cloud is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Service Cloud + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Service Cloud is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Slack + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Slack is reported to be affected by CVE-2021-44228. The service has a + mitigation in place and is being updated to remediate the vulnerability identified in + CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Social Studio + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Social Studio is reported to be affected by CVE-2021-44228. The service + has a mitigation in place and is being updated to remediate the vulnerability + identified in CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Salesforce + product: Tableau (On-Premise) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - < 2021.4.1 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell + notes: Fixed in 2021.4.1 + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Salesforce + product: Tableau (Online) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.salesforce.com/s/articleView?id=000363736&type=1 + notes: '"Tableau (Online) is reported to be affected by CVE-2021-44228. The service + is being updated to remediate the vulnerability identified in CVE-2021-44228."' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: Samsung Electronics America + product: Knox Admin Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Asset Intelligence + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Configure + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox E-FOTA One + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Guard + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox License Management + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Manage + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Managed Services Provider (MSP) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Mobile Enrollment + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Samsung Electronics America + product: Knox Reseller Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services + notes: '' + references: + - '' + last_updated: '2022-01-17T00:00:00' + - vendor: Sangoma + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.sangoma.com/community/s/article/Log4Shell + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SAP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: SAP Advanced Platform + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://launchpad.support.sap.com/#/notes/3130698 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: SAP BusinessObjects + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/ + notes: The support document is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: SAS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SASSAFRAS + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sassafras.com/log4j-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Savignano software solutions + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://savignano.atlassian.net/wiki/spaces/SNOTIFY/blog/2021/12/13/2839740417/No+Log4j+Vulnerability+in+S+Notify + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SBT + product: SBT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - <1.5.6 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.com/sbt/sbt/releases/tag/v1.5.7 + notes: '' + references: + - '' + last_updated: '2021-12-15T00:00:00' + - vendor: ScaleComputing + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.scalecomputing.com/s/article/Apache-Log4j-Vulnerability + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ScaleFusion MobileLock Pro + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.mobilock.in/article/t9sx43yg44-scalefusion-security-advisory-for-apache-log-4-j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Schneider Electric + product: EASYFIT + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Ecoreal XL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: EcoStruxure IT Expert + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: EcoStruxure IT Gateway + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - V1.5.0 to V1.13.0 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Eurotherm Data Reviewer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - V3.0.2 and prior + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Facility Expert Small Business + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: MSE + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: NetBotz750/755 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Software versions 5.0 through 5.3.0 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: NEW630 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK BOM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK-Docgen + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK-TNC + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK-UMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK3D2DRenderer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SDK3D360Widget + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Select and Config DATA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SNC-API + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SNC-CMM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SNCSEMTECH + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SPIMV3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SWBEditor + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: SWBEngine + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - Current software and earlier + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.se.com/us/en/download/document/7EN52-0390/ + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schneider Electric + product: Wiser by SE platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - Cloud + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: [] + notes: '' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Schweitzer Engineering Laboratories + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://selinc.com/support/security-notifications/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: SCM Manager + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://scm-manager.org/blog/posts/2021-12-13-log4shell/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ScreenBeam + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://customersupport.screenbeam.com/hc/en-us/articles/4416468085389-December-2021-Security-Alert-Log4j-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SDL worldServer + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://gateway.sdl.com/apex/communityknowledge?articleName=000017707 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Seagull Scientific + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SecurePoint + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Security Onion + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Securonix + product: Extended Detection and Response (XDR) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf + notes: Patching ongoing as of 12/10/2021 + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: Next Gen SIEM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf + notes: Patching ongoing as of 12/10/2021 + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: Security Analytics and Operations Platform (SOAR) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf + notes: Patching ongoing as of 12/10/2021 + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: SNYPR Application + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf + notes: '' + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: Securonix + product: User and Entity Behavior Analytics(UEBA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - All + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf + notes: Patching ongoing as of 12/10/2021 + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: Seeburger + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open + notes: This advisory is available to customers only and has not been reviewed + by CISA. + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SentinelOne + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Sentry + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SEP + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Server Eye + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: ServiceNow + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Shibboleth + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - http://shibboleth.net/pipermail/announce/2021-December/000253.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Shibboleth + product: All Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - Identity Provider>=3.0 + - All other software versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://shibboleth.net/pipermail/announce/2021-December/000253.html + notes: '' + references: + - '' + last_updated: '2021-12-10T00:00:00' + - vendor: Shopify + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Siebel + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Siemens + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + last_updated: '2021-12-19T00:00:00' + - vendor: Siemens Energy + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Siemens Energy + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + last_updated: '2021-12-20T00:00:00' + - vendor: Siemens Energy + product: Affected Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf + notes: 'Siemens requests: See pdf for the complete list of affected products, + CSAF for automated parsing of data' + references: + - '' + last_updated: '2021-12-16T00:00:00' + - vendor: Siemens Healthineers + product: ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: If you have determined that your Atellica Data Manager has a “Java communication + engine” service, and you require an immediate mitigation, then please contact + your Siemens Customer Care Center or your local Siemens technical support representative. + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: CENTRALINK v16.0.2 / v16.0.3 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: If you have determined that your CentraLink has a “Java communication engine” + service, and you require a mitigation, then please contact your Siemens Customer + Care Center or your local Siemens technical support representative. + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Cios Flow S1 / Alpha / Spin VA30 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Cios Select FD/I.I. VA21 / VA21-S3P + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: DICOM Proxy VB10A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.All, Som10 VA20 / VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Fit, Som10 VA30 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Now, Som10 VA10 / VA20 / VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Open Pro, Som10 VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Sim, Som10 VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: go.Up, Som10 VA10 / VA20 / VA30 / VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA + 3T NUMARIS/X VA30A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Altea NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X + VA31A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Amira NUMARIS/X VA12M + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Free.Max NUMARIS/X VA40 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Lumina NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Sempra NUMARIS/X VA12M + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Sola fit NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Sola NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Vida fit NUMARIS/X VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: MAGNETOM Vida NUMARIS/X VA10A* / VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'LOG4J is used in the context of the help system. Workaround: close port + 8090 for standalone systems. Setup IP whitelisting for "need to access" systems + to network port 8090 in case a second console is connected.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Somatom Emotion Som5 VC50 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Somatom Scope Som5 VC50 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: evaluation ongoing + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: Syngo MobileViewer VA10A + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: The vulnerability will be patch/mitigated in upcoming releases\patches. + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 + / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 + - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: Please contact your Customer Service to get support on mitigating the vulnerability. + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 + - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B + / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 + / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: syngo.via WebViewer VA13B / VA20A / VA20B + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: remove the vulnerable class from the .jar file' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: X.Ceed Somaris 10 VA40* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Siemens Healthineers + product: X.Cite Somaris 10 VA30*/VA40* + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 + notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 + from other devices by configuration of the hospital network.' + references: + - '' + last_updated: '2021-12-22T00:00:00' + - vendor: Sierra Wireless + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Sierra Wireless + product: AirVantage and Octave cloud platforms + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs + notes: These systems do not operate with the specific non-standard configuration + required for CVE-2021-25046 and hence were not vulnerable to it. + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Sierra Wireless + product: AM/AMM servers + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Signald + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://gitlab.com/signald/signald/-/issues/259 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Silver Peak + product: Orchestrator, Silver Peak GMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf + notes: Customer managed Orchestrator and legacy GMS products are affected by this + vulnerability. This includes on-premise and customer managed instances running + in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective + Action Required for details about how to mitigate this exploit. + references: + - '' + last_updated: '2021-12-14T00:00:00' + - vendor: SingleWire + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.singlewire.com/s/article/Apache-Log4j2-vulnerability-CVE-2021-44228 + notes: This advisory is available to customers only and has not been reviewed + by CISA + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SISCO + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://sisconet.com/sisco-news/log4j/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Sitecore + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1001391 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Skillable + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://skillable.com/log4shell/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SLF4J + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - http://slf4j.org/log4shell.html + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Slurm + product: Slurm + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 20.11.8 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://slurm.schedmd.com/documentation.html + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: SMA Solar Technology AG + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://files.sma.de/downloads/HK_Log4j-en-10.pdf?_ga=2.237963714.352491368.1640298543-2015796445.1640298540 + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: SmartBear + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://smartbear.com/security/cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SmileCDR + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Sn0m + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/ + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Snakemake + product: Snakemake + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - 6.12.1 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://snakemake.readthedocs.io/en/stable/ + notes: '' + references: + - '' + last_updated: '2021-12-21T00:00:00' + - vendor: Snow Software + product: Snow Commander + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 8.1 to 8.10.2 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Snow Software + product: VM Access Proxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - v3.1 to v3.6 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Snowflake + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Snyk + product: Cloud Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://updates.snyk.io/snyk%27s-cloud-platform-all-clear-from-log4j-exploits-216499 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Software AG + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: SolarWinds + product: Database Performance Analyzer (DPA) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - 2021.1.x + - 2021.3.x + - 2022.1.x + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 + notes: 'For more information, please see the following KB article: [link](https://support.solarwinds.com/SuccessCenter/s/article/Database-Performance-Analyzer-DPA-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)' + references: + - '' + last_updated: '2021-12-23T00:00:00' + - vendor: SolarWinds + product: Orion Platform + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 + notes: '' + references: + - '' + last_updated: '2021-12-23T00:00:00' + - vendor: SolarWinds + product: Server & Application Monitor (SAM) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - SAM 2020.2.6 and later + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 + notes: 'For more information, please see the following KB article for the latest + details specific to the SAM hotfix: [link](https://support.solarwinds.com/SuccessCenter/s/article/Server-Application-Monitor-SAM-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)' + references: + - '' + last_updated: '2021-12-23T00:00:00' + - vendor: SonarSource + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Sonatype + product: All Products + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All Versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://help.sonatype.com/docs/important-announcements/sonatype-product-log4j-vulnerability-status + notes: Sonatype uses logback as the default logging solution as opposed to log4j. + This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository + OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the + reported log4j vulnerabilities. We still advise keeping your software upgraded + at the latest version. + references: + - '' + last_updated: '2021-12-29T00:00:00' + - vendor: SonicWall + product: Access Points + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the SonicWall Access Points + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Analytics + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Capture Client & Capture Client Portal + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the Capture Client. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Capture Security Appliance + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the Capture Security appliance. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: CAS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Email Security + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: ES 10.0.11 and earlier versions are impacted + references: + - '' + last_updated: '2021-12-17T00:00:00' + - vendor: SonicWall + product: Gen5 Firewalls (EOS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the appliance. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Gen6 Firewalls + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the appliance. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: Gen7 Firewalls + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the appliance. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: GMS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: MSW + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Mysonicwall service doesn't use Log4j + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: NSM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: NSM On-Prem and SaaS doesn't use a vulnerable version + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: SMA 100 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the SMA100 appliance. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: SMA 1000 + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Version 12.1.0 and 12.4.1 doesn't use a vulnerable version + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: SonicCore + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: SonicCore doesn't use a Log4j2 + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: SonicWall Switch + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the SonicWall Switch. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: WAF + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Under Review + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: WNM + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: Log4j2 not used in the WNM. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SonicWall + product: WXA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 + notes: WXA doesn't use a vulnerable version + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Cloud Optix + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Users may have noticed a brief outage around 12:30 GMT as updates were + deployed. There was no evidence that the vulnerability was exploited and to + our knowledge no customers are impacted. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Reflexion + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Reflexion does not run an exploitable configuration. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: SG UTM (all versions) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos SG UTM does not use Log4j. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: SG UTM Manager (SUM) (all versions) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - All versions + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: SUM does not use Log4j. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Central + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos Central does not run an exploitable configuration. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Firewall (all versions) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos Firewall does not use Log4j. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Home + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos Home does not use Log4j. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Mobile + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable + configuration. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos Mobile EAS Proxy + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: + - < 9.7.2 + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers + will need to download and install version 9.7.2, available from Monday December + 13, 2021, on the same machine where it is currently running. PowerShell mode + is not affected. Customers can download the Standalone EAS Proxy Installer version + 9.7.2 from the Sophos website. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: Sophos + product: Sophos ZTNA + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce + notes: Sophos ZTNA does not use Log4j. + references: + - '' + last_updated: '2021-12-12T00:00:00' + - vendor: SOS Berlin + product: '' + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Spacelabs Healthcare + product: ABP + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - OnTrak + - 90217A + - and 90207 + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: CardioExpress + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - SL6A + - SL12A + - and SL18A + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: DM3 and DM4 Monitors + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Eclipse Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: EVO + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Intesys Clinical Suite (ICS) + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Intesys Clinical Suite (ICS) Clinical Access Workstations + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Lifescreen Pro + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Pathfinder SL + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Qube + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '91390' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Qube Mini + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '91389' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: SafeNSound + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - 4.3.1 + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: Version >4.3.1 - Not Affected + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Sentinel + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/ + notes: '' + references: + - '' + last_updated: '2022-01-05T00:00:00' + - vendor: Spacelabs Healthcare + product: Spacelabs Cloud cves: cve-2021-4104: investigated: false @@ -71375,7 +76978,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spigot product: '' cves: @@ -71404,7 +77007,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Splunk product: Data Stream Processor cves: @@ -72076,7 +77679,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spring product: Spring Boot cves: @@ -72106,7 +77709,7 @@ software: switched the default logging system to Log4J2 references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Spring Boot product: '' cves: @@ -72135,7 +77738,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StarDog product: '' cves: @@ -72164,7 +77767,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:55+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: STERIS product: Advantage cves: @@ -73701,7 +79304,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Storagement product: '' cves: @@ -73730,7 +79333,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StormShield product: '' cves: @@ -73759,7 +79362,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: StrangeBee TheHive & Cortex product: '' cves: @@ -73788,7 +79391,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Stratodesk product: '' cves: @@ -73817,7 +79420,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Strimzi product: '' cves: @@ -73846,7 +79449,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Stripe product: '' cves: @@ -73875,7 +79478,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Styra product: '' cves: @@ -73904,7 +79507,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sumologic product: '' cves: @@ -73933,7 +79536,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SumoLogic product: '' cves: @@ -73962,7 +79565,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Superna EYEGLASS product: '' cves: @@ -73991,7 +79594,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Suprema Inc product: '' cves: @@ -74020,7 +79623,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SUSE product: '' cves: @@ -74049,7 +79652,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sweepwidget product: '' cves: @@ -74078,7 +79681,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Swyx product: '' cves: @@ -74107,7 +79710,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synchro MSP product: '' cves: @@ -74136,7 +79739,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Syncplify product: '' cves: @@ -74165,7 +79768,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synology product: '' cves: @@ -74194,7 +79797,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Synopsys product: '' cves: @@ -74223,7 +79826,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Syntevo product: '' cves: @@ -74252,7 +79855,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: SysAid product: '' cves: @@ -74281,7 +79884,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Sysdig product: '' cves: @@ -74310,7 +79913,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tableau product: Tableau Bridge cves: @@ -74567,7 +80170,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tanium product: All cves: @@ -74626,7 +80229,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TeamPasswordManager product: '' cves: @@ -74655,7 +80258,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Teamviewer product: '' cves: @@ -74684,7 +80287,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tech Software product: OneAegis (f/k/a IRBManager) cves: @@ -74803,7 +80406,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Telestream product: '' cves: @@ -74832,7 +80435,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tenable product: Tenable.io / Nessus cves: @@ -74862,7 +80465,7 @@ software: to CVE-2021-44228 or CVE-2021-45046 at this time references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Thales product: CADP/SafeNet Protect App (PA) - JCE cves: @@ -76698,7 +82301,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ThycoticCentrify product: Account Lifecycle Manager cves: @@ -76997,7 +82600,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Top Gun Technology (TGT) product: '' cves: @@ -77026,7 +82629,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TopDesk product: '' cves: @@ -77055,7 +82658,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Topicus Security product: Topicus KeyHub cves: @@ -77114,7 +82717,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tosibox product: '' cves: @@ -77143,7 +82746,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TPLink product: Omega Controller cves: @@ -77204,7 +82807,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tricentis Tosca product: '' cves: @@ -77233,7 +82836,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tridium product: '' cves: @@ -77531,7 +83134,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TrueNAS product: '' cves: @@ -77560,7 +83163,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Tufin product: '' cves: @@ -77589,7 +83192,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: TYPO3 product: '' cves: @@ -77618,7 +83221,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ubiquiti product: UniFi Network Application cves: @@ -77648,7 +83251,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ubiquiti product: UniFi Network Controller cves: @@ -77708,7 +83311,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: UiPath product: InSights cves: @@ -77767,7 +83370,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: UniFlow product: '' cves: @@ -77796,7 +83399,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Unify ATOS product: '' cves: @@ -77825,7 +83428,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Unimus product: '' cves: @@ -77854,7 +83457,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: USSIGNAL MSP product: '' cves: @@ -77883,7 +83486,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Varian product: Acuity cves: @@ -79113,7 +84716,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Varnish Software product: '' cves: @@ -79142,7 +84745,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Varonis product: '' cves: @@ -79171,7 +84774,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Veeam product: '' cves: @@ -79200,7 +84803,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Venafi product: '' cves: @@ -79229,7 +84832,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Veritas NetBackup product: '' cves: @@ -79258,7 +84861,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Vertica product: '' cves: @@ -79346,7 +84949,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: VMware product: API Portal for VMware Tanzu cves: @@ -80598,7 +86201,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wasp Barcode technologies product: '' cves: @@ -80627,7 +86230,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: Secplicity cves: @@ -80656,7 +86259,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Western Digital product: '' cves: @@ -80685,7 +86288,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WIBU Systems product: CodeMeter Cloud Lite cves: @@ -80774,7 +86377,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WireShark product: '' cves: @@ -80803,7 +86406,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wistia product: '' cves: @@ -80832,7 +86435,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WitFoo product: '' cves: @@ -80861,7 +86464,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WordPress product: '' cves: @@ -80890,7 +86493,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Worksphere product: '' cves: @@ -80919,7 +86522,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wowza product: '' cves: @@ -80948,7 +86551,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: WSO2 product: WSO2 Enterprise Integrator cves: @@ -80978,7 +86581,7 @@ software: notes: A temporary mitigation is available while vendor works on update references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XCP-ng product: '' cves: @@ -81007,7 +86610,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XenForo product: '' cves: @@ -81036,7 +86639,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Xerox product: '' cves: @@ -81065,7 +86668,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XPertDoc product: '' cves: @@ -81094,7 +86697,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XPLG product: '' cves: @@ -81123,7 +86726,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: XWIKI product: '' cves: @@ -81152,7 +86755,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Xylem product: Aquatalk cves: @@ -81651,7 +87254,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: YellowFin product: '' cves: @@ -81680,7 +87283,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: YOKOGAWA product: '' cves: @@ -81738,7 +87341,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zabbix product: '' cves: @@ -81767,7 +87370,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ZAMMAD product: '' cves: @@ -81796,7 +87399,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zaproxy product: '' cves: @@ -81825,7 +87428,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zebra product: '' cves: @@ -81854,7 +87457,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zendesk product: All Products cves: @@ -81915,7 +87518,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zentera Systems, Inc. product: CoIP Access Platform cves: @@ -81974,7 +87577,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zesty product: '' cves: @@ -82003,7 +87606,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zimbra product: '' cves: @@ -82032,7 +87635,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zix product: '' cves: @@ -82090,7 +87693,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: ZPE systems Inc product: '' cves: @@ -82119,7 +87722,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zscaler product: See Link (Multiple Products) cves: @@ -82177,7 +87780,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:56+00:00' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zyxel product: Security Firewall/Gateways cves: