From 793cfeedd90f6b91111df980341fd5e6040b6273 Mon Sep 17 00:00:00 2001 From: inl-ics <96266975+inl-ics@users.noreply.github.com> Date: Wed, 2 Feb 2022 16:01:50 -0700 Subject: [PATCH 1/2] Update cisagov_E.yml Updated Ewon vendor. --- data/cisagov_E.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/data/cisagov_E.yml b/data/cisagov_E.yml index 1578987..501063c 100644 --- a/data/cisagov_E.yml +++ b/data/cisagov_E.yml @@ -4524,7 +4524,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ewon - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -4532,10 +4532,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - 'All' cve-2021-45046: investigated: false affected_versions: [] @@ -4551,7 +4552,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:50+00:00' + last_updated: '2022-02-02T07:18:50+00:00' - vendor: Exabeam product: '' cves: From f8c0448f3be39214575817e5d16be858a49a0294 Mon Sep 17 00:00:00 2001 From: cisagovbot <65734717+cisagovbot@users.noreply.github.com> Date: Thu, 3 Feb 2022 14:05:00 +0000 Subject: [PATCH 2/2] Update the software list --- SOFTWARE-LIST.md | 2 +- data/cisagov.yml | 9 +++++---- data/cisagov_E.yml | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index f62ff18..4e13419 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -1152,7 +1152,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | ESRI | Portal for ArcGIS | | All | Fixed | [link](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 | | Estos | | | | Unknown | [link](https://support.estos.de/de/sicherheitshinweise/estos-von-kritischer-schwachstelle-in-log4j-cve-2021-44228-nicht-betroffen) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Evolveum Midpoint | | | | Unknown | [link](https://evolveum.com/midpoint-not-vulnerable-to-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| Ewon | | | | Unknown | [link](https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/release-notes/ecatcher_releasenotes.txt?sfvrsn=4f054ad7_42) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Ewon | All | | | Not Affected | [link](https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/release-notes/ecatcher_releasenotes.txt?sfvrsn=4f054ad7_42) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 | | Exabeam | | | | Unknown | [link](https://community.exabeam.com/s/discussions?t=1639379479381) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Exact | | | | Unknown | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Exivity | | | | Unknown | [link](https://docs.exivity.com/getting-started/releases/announcements#announcement-regarding-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | diff --git a/data/cisagov.yml b/data/cisagov.yml index c586742..b0e0a6d 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -33487,7 +33487,7 @@ software: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Ewon - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -33495,10 +33495,11 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] fixed_versions: [] - unaffected_versions: [] + unaffected_versions: + - All cve-2021-45046: investigated: false affected_versions: [] @@ -33514,7 +33515,7 @@ software: notes: '' references: - '' - last_updated: '2022-01-12T07:18:50+00:00' + last_updated: '2022-02-02T07:18:50+00:00' - vendor: Exabeam product: '' cves: diff --git a/data/cisagov_E.yml b/data/cisagov_E.yml index 501063c..687ac2d 100644 --- a/data/cisagov_E.yml +++ b/data/cisagov_E.yml @@ -4536,7 +4536,7 @@ software: affected_versions: [] fixed_versions: [] unaffected_versions: - - 'All' + - All cve-2021-45046: investigated: false affected_versions: []