1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-23 00:50:48 +00:00

Merge branch 'develop' into develop

This commit is contained in:
justmurphy 2021-12-21 15:31:15 -05:00 committed by GitHub
commit c6a4b8e4d2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -858,10 +858,10 @@ This list was initially populated using information from the following sources:
| Docusign | | | | | [Docusign Alert](https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability) | | | | | Docusign | | | | | [Docusign Alert](https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability) | | | |
| DrayTek | Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform||Not Affected||[DrayTek Statement](https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/)|||12/15/2021| | DrayTek | Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform||Not Affected||[DrayTek Statement](https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/)|||12/15/2021|
| DSpace ||||| [DSpace Google Group](https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE) | | | | | DSpace ||||| [DSpace Google Group](https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE) | | | |
| Dynatrace | Managed cluster nodes | | Affected | | | | | | | Dynatrace | Managed cluster nodes | | Not Affected | No | [Official Dynatrace Communication](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | 12/21/2021 |
| Dynatrace | Managed cluster nodes||Affected|||||| | Dynatrace | Managed cluster nodes | | Not Affected | No | [Official Dynatrace Communication](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | 12/21/2021 |
| Dynatrace | Synthetic Activegates | | Affected | | | | | | | Dynatrace | Synthetic Activegates | | Fixed |Yes | [Official Dynatrace Communication](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | 12/21/2021 |
| Dynatrace | Synthetic Activegates||Affected|||||| | Dynatrace | Synthetic Activegates | | Fixed | Yes | [Official Dynatrace Communication](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | 12/21/2021 |
| EasyRedmine | | | | | [EasyRedmine News](https://www.easyredmine.com/news/easy-redmine-application-is-not-affected-by-the-vulnerability-cve-2021-44228) | | | | | EasyRedmine | | | | | [EasyRedmine News](https://www.easyredmine.com/news/easy-redmine-application-is-not-affected-by-the-vulnerability-cve-2021-44228) | | | |
| Eaton | Undisclosed | Undisclosed | Affected | | [Security Bulletin](https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf) | Doesn't openly disclose what products are affected or not for quote 'security purposes'. Needs email registration. No workaround provided due to registration wall. | | | | Eaton | Undisclosed | Undisclosed | Affected | | [Security Bulletin](https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf) | Doesn't openly disclose what products are affected or not for quote 'security purposes'. Needs email registration. No workaround provided due to registration wall. | | |
| EclecticIQ | | | | | [EclecticIQ Advisory](https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2) | | | | | EclecticIQ | | | | | [EclecticIQ Advisory](https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2) | | | |
@ -2022,7 +2022,7 @@ This list was initially populated using information from the following sources:
| Siemens | Teamcenter Mendix Connector | V1.0 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | | Siemens | Teamcenter Mendix Connector | V1.0 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
| Siemens | Teamcenter Microservices Framework | All Versions >=V5.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | | Siemens | Teamcenter Microservices Framework | All Versions >=V5.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
| Siemens | Teamcenter Polarion Integration | All Versions >=V5.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | | Siemens | Teamcenter Polarion Integration | All Versions >=V5.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
| Siemens | Teamcenter Rapid Start | All Versions >=V13.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)|Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 ||12/18/2021| | Siemens | Teamcenter Rapid Start | All Versions >=V13.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)|Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
| Siemens | Teamcenter Reporting and Analytics | All Versions based on Java SOA client >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | | Siemens | Teamcenter Reporting and Analytics | All Versions based on Java SOA client >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
| Siemens | Teamcenter Requirements Integrator | All Versions based on Java SOA client >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | | Siemens | Teamcenter Requirements Integrator | All Versions based on Java SOA client >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
| Siemens | Teamcenter Retail Footwear and Apparel | All Versions >=V4.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | | Siemens | Teamcenter Retail Footwear and Apparel | All Versions >=V4.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |