From 605e96457746aafc6698e7e6b76d70c54cf7271d Mon Sep 17 00:00:00 2001 From: Paul Schrauder Date: Mon, 24 Jan 2022 15:06:48 -0600 Subject: [PATCH 1/3] Updated Salesforce statuses --- data/cisagov_S.yml | 69 ++++++++++++++++------------------------------ 1 file changed, 24 insertions(+), 45 deletions(-) diff --git a/data/cisagov_S.yml b/data/cisagov_S.yml index 3ef818e..936e184 100644 --- a/data/cisagov_S.yml +++ b/data/cisagov_S.yml @@ -146,9 +146,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Analytics Cloud is reported to be affected by CVE-2021-44228. Services - have been updated to mitigate the issues identified in CVE-2021-44228 and we - are executing our final validation steps."' + notes: 'Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -177,8 +175,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The - service is being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -207,8 +204,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. - The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -237,12 +233,12 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Please contact Customer Support."' + notes: 'ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here.' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Salesforce - product: Community Cloud + product: Experience (Community) Cloud cves: cve-2021-4104: investigated: false @@ -266,8 +262,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Community Cloud is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: '"Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -296,9 +291,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Data.com is reported to be affected by CVE-2021-44228. The service has - a mitigation in place and is being updated to remediate the vulnerability identified in - CVE-2021-44228."' + notes: 'Data.com was affected by CVE-2021-44228 and CVE-2021-45046.  Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -357,9 +350,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Datorama is reported to be affected by CVE-2021-44228. The service has - a mitigation in place and is being updated to remediate the vulnerability identified in - CVE-2021-44228."' + notes: 'Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -388,9 +379,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. - Services have been updated to mitigate the issues identified in CVE-2021-44228 - and we are executing our final validation steps."' + notes: 'Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -419,8 +408,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Force.com is reported to be affected by CVE-2021-44228. The service is - being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. + +The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -449,8 +439,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Heroku is reported to not be affected by CVE-2021-44228; no further action - is necessary at this time."' + notes: 'Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -479,8 +468,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Marketing Cloud is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -509,8 +497,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -539,7 +526,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Please contact Customer Support."' + notes: 'MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -568,8 +555,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Pardot is reported to be affected by CVE-2021-44228. The service is being - updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -598,8 +584,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Sales Cloud is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -628,8 +613,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Service Cloud is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -658,9 +642,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Slack is reported to be affected by CVE-2021-44228. The service has a - mitigation in place and is being updated to remediate the vulnerability identified in - CVE-2021-44228."' + notes: 'Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -689,9 +671,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Social Studio is reported to be affected by CVE-2021-44228. The service - has a mitigation in place and is being updated to remediate the vulnerability - identified in CVE-2021-44228."' + notes: 'Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -721,7 +701,7 @@ software: unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell - notes: Fixed in 2021.4.1 + notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. references: - '' last_updated: '2021-12-16T00:00:00' @@ -750,8 +730,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Tableau (Online) is reported to be affected by CVE-2021-44228. The service - is being updated to remediate the vulnerability identified in CVE-2021-44228."' + notes: 'Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046.' references: - '' last_updated: '2021-12-15T00:00:00' @@ -9085,4 +9064,4 @@ software: references: - '' last_updated: '2022-01-12T07:18:56+00:00' -... +... \ No newline at end of file From 43603ca4f81c606c94bf19e51f9dcb289cd20fcf Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:20:04 -0500 Subject: [PATCH 2/3] Fix line length --- data/cisagov_S.yml | 85 ++++++++++++++++++++++++++++++++++------------ 1 file changed, 64 insertions(+), 21 deletions(-) diff --git a/data/cisagov_S.yml b/data/cisagov_S.yml index 936e184..7fc98d8 100644 --- a/data/cisagov_S.yml +++ b/data/cisagov_S.yml @@ -146,7 +146,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -175,7 +177,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to address + the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -204,7 +208,10 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228 + and CVE-2021-45046. Salesforce-owned services and third-party vendors + have been patched to address the issues currently identified in + CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -262,7 +269,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: '"Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -291,7 +300,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Data.com was affected by CVE-2021-44228 and CVE-2021-45046.  Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -350,7 +361,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -408,9 +421,13 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. - -The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader.' + notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. + The Data Loader tool has been patched to address the issues currently identified + in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader + version 53.0.2 or later. Follow the steps described here to download the latest + version of Data Loader. references: - '' last_updated: '2021-12-15T00:00:00' @@ -439,7 +456,8 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046.' + notes: Heroku is reported to not be affected by the issues currently + identified in CVE-2021-44228 or CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -468,7 +486,10 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046.' + notes: Salesforce-owned services within Marketing Cloud are not affected + by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. + Third-party vendors have been patched to address the security issues currently + identified in CVE-2021-44228 or CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -497,7 +518,10 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here.' + notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. + Mulesoft services, including dataloader.io, have been updated to mitigate + the issues currently identified in CVE-2021-44228 and CVE-2021-45046. + Please see additional details here. references: - '' last_updated: '2021-12-15T00:00:00' @@ -526,7 +550,11 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here.' + notes: 'MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors, including Private Cloud + Edition (PCE) and Anypoint Studio, have a mitigation in place to address the + issues currently identified in CVE-2021-44228 and CVE-2021-45046. + Please see additional details here. references: - '' last_updated: '2021-12-15T00:00:00' @@ -555,7 +583,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -584,7 +614,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -613,7 +645,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -642,7 +676,10 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here.' + notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched + to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. + Additional details are available here. references: - '' last_updated: '2021-12-15T00:00:00' @@ -671,7 +708,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to + address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -701,7 +740,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell - notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. + notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. + Patches to address the issues currently identified in both CVE-2021-44228 and + CVE-2021-45046 are available for download. Additional details are available here. references: - '' last_updated: '2021-12-16T00:00:00' @@ -730,7 +771,9 @@ The Data Loader tool has been patched to address the issues currently identified unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046.' + notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. + Services have been patched to mitigate the issues currently identified in + both CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -9064,4 +9107,4 @@ The Data Loader tool has been patched to address the issues currently identified references: - '' last_updated: '2022-01-12T07:18:56+00:00' -... \ No newline at end of file +... From d8c4b4ce608e9fb775c6f92c20bef4b0a4518c52 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Tue, 25 Jan 2022 15:26:21 -0500 Subject: [PATCH 3/3] Fixed line lentgth, and extra quote mark --- data/cisagov_S.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/data/cisagov_S.yml b/data/cisagov_S.yml index 8959d90..4810e97 100644 --- a/data/cisagov_S.yml +++ b/data/cisagov_S.yml @@ -240,7 +240,10 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here.' + notes: ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to address the + issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details + are available here. references: - '' last_updated: '2021-12-15T00:00:00' @@ -392,7 +395,9 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.' + notes: Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. + Salesforce-owned services and third-party vendors have been patched to address the issues + currently identified in CVE-2021-44228 and CVE-2021-45046. references: - '' last_updated: '2021-12-15T00:00:00' @@ -550,7 +555,7 @@ software: unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 - notes: 'MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. + notes: MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.