r3pek
/
log4j-affected-db
mirror of https://github.com/cisagov/log4j-affected-db
1
0
Fork 0
Code Releases Activity

Add Abbott and Accellence Tech products

Browse Source
pull/506/head
justmurphy 2 years ago committed by GitHub
parent cd4e23ff35
commit bcdeb389e1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 73 additions and 36 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 109
      data/cisagov_A.yml

109
data/cisagov_A.yml
Unescape View File

@ -5,7 +5,7 @@ owners:
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: ABB
product: ''
product: AlarmInsight Cloud
cves:
cve-2021-4104:
investigated: false
@ -13,10 +13,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -28,13 +29,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://search.abb.com/library/Download.aspx?DocumentID=9ADB012621&LanguageCode=en&DocumentPartId=&Action=Launch
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: ABB Remote Service
product: B&R Products
cves:
cve-2021-4104:
investigated: false
@ -43,10 +44,10 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ABB Remote Platform (RAP)
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -57,13 +58,14 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
vendor_links:
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: AlarmInsight Cloud
product: Remote Service
cves:
cve-2021-4104:
investigated: false
@ -71,10 +73,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- AlarmInsight KPI Dashboards 1.0.0
fixed_versions: []
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -86,13 +88,14 @@ software:
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
vendor_links:
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: B&R Products
- vendor: Abbott
product: All
cves:
cve-2021-4104:
investigated: false
@ -101,8 +104,7 @@ software:
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- See Vendor Advisory
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -116,13 +118,13 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf
notes: ''
- https://www.abbott.com/policies/cybersecurity/apache-Log4j.html
notes: Details are shared with customers with an active RAP subscription.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
last_updated: '2021-12-15T00:00:00'
- vendor: Abbott
product: ''
product: GLP Track System
cves:
cve-2021-4104:
investigated: false
@ -130,8 +132,10 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
investigated: true
affected_versions:
- 'Track Sample Manager (TSM)'
- 'Track Workflow Manager (TWM)'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
@ -146,12 +150,12 @@ software:
unaffected_versions: []
vendor_links:
- https://www.abbott.com/policies/cybersecurity/apache-Log4j.html
notes: ''
notes: Abbott will provide a fix for this in a future update expected in January 2022.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Abnormal Security
product: Abnormal Security
product: All
cves:
cve-2021-4104:
investigated: false
@ -159,10 +163,11 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -179,8 +184,8 @@ software:
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellence
product: ''
- vendor: Accellence Technologies
product: EBÜS
cves:
cve-2021-4104:
investigated: false
@ -188,10 +193,42 @@ software:
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 'All'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accellence.de/en/articles/cve-2021-44228-62
notes: EBÜS itself is not vulnerable to CVE-2021-44228. Although
it includes several 3rd-partie software setups, which may be affected.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellence Technologies
product: Vimacc
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
@ -203,7 +240,7 @@ software:
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accellence.de/en/articles/national-vulnerability-database-62
- https://www.accellence.de/en/articles/cve-2021-44228-62
notes: ''
references:
- ''
@ -220,7 +257,7 @@ software:
investigated: true
affected_versions: []
fixed_versions:
- v7.6 release
- 'v7.6 release'
unaffected_versions: []
cve-2021-45046:
investigated: false
@ -234,12 +271,12 @@ software:
unaffected_versions: []
vendor_links:
- https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/
notes: '"As a precaution, Kiteworks released a 7.6.1 Hotfix software update to
notes: As a precaution, Kiteworks released a 7.6.1 Hotfix software update to
address the vulnerability. This patch release adds the mitigation for CVE-2021-44228
contained in the Solr package as recommended by Apache Solr group. Specifically,
it updates the Log4j library to a non-vulnerable version on CentOS 7 systems
as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true
to disable the possible attack vector on both CentOS 6 and CentOS 7."'
as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"
to disable the possible attack vector on both CentOS 6 and CentOS 7.
references:
- ''
last_updated: '2021-12-16T00:00:00'

Write Preview
Loading…
Cancel
Save