1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-23 00:50:48 +00:00

Merge pull request #323 from cisagov/citrix-updates

Update SOFTWARE-LIST.md
This commit is contained in:
Lcerkov 2021-12-21 23:25:42 -05:00 committed by GitHub
commit c6acd40fb2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -423,12 +423,18 @@ This list was initially populated using information from the following sources:
| Cisco | duo network gateway (on-prem/self-hosted) | | Under Investigation | | | | | | | Cisco | duo network gateway (on-prem/self-hosted) | | Under Investigation | | | | | |
| Cisco | Exony Virtualized Interaction Manager (VIM) | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Exony Virtualized Interaction Manager (VIM) | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | |
| Cisco | Managed Services Accelerator (MSX) Network Access Control Service | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Managed Services Accelerator (MSX) Network Access Control Service | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | |
| Citrix | | | | | [Cirtix Article](https://support.citrix.com/article/CTX335705) | | | | | Citrix | Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) | All Platforms | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | Citrix ADC | | Under Investigation | | [https://support.citrix.com/article/CTX335705](https://support.citrix.com/article/CTX335705) | | | | | Citrix | Citrix Application Delivery Management (NetScaler MAS) | All Platforms | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | Citrix Endpoint Management | | Under Investigation | | [https://support.citrix.com/article/CTX335705](https://support.citrix.com/article/CTX335705) | | | | | Citrix | Citrix Cloud Connector | | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | Citrix Gateway | | Under Investigation | | [https://support.citrix.com/article/CTX335705](https://support.citrix.com/article/CTX335705) | | | | | Citrix | Citrix Connector Appliance for Cloud Services | | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | Citrix SD-WAN | | Under Investigation | | [https://support.citrix.com/article/CTX335705](https://support.citrix.com/article/CTX335705) | | | | | Citrix | Citrix Content Collaboration (ShareFile Integration) Citrix Files for Windows, Citrix Files for Mac, Citrix Files for Outlook | | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | Citrix Virtual Apps and Desktops | | Under Investigation | | [https://support.citrix.com/article/CTX335705](https://support.citrix.com/article/CTX335705) | | | | | Citrix | Citrix Endpoint Management (Citrix XenMobile Server) | | Affected | Yes | [Citrix Statement](https://support.citrix.com/article/CTX335705) | For CVE-2021-44228 and CVE-2021-45046: ImpactedCustomers are advised to apply the latest CEM rolling patch updates listed below as soon as possible to reduce the risk of exploitation. [XenMobile Server 10.14 RP2](https://support.citrix.com/article/CTX335763); [XenMobile Server 10.13 RP5](https://support.citrix.com/article/CTX335753); and [XenMobile Server 10.12 RP10](https://support.citrix.com/article/CTX335785). Note: Customers who have upgraded their XenMobile Server to the updated versions are recommended not to apply the responder policy mentioned in the blog listed below to the Citrix ADC vserver in front of the XenMobile Server as it may impact the enrollment of Android devices. For CVE-2021-45105: Investigation in progress. | | 12/21/2021 |
| Citrix | Citrix Hypervisor (XenServer) | | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | Citrix License Server | | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | Citrix SD-WAN | All Platforms | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | ShareFile Storage Zones Controller | | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Citrix | Citrix Virtual Apps and Desktops (XenApp & XenDesktop) | | Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046: Customers are advised to apply the latest update as soon as possible to reduce the risk of exploitation. [Linux Virtual Delivery Agent 2112](https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/components/linux-vda-2112.html). See the [Citrix Statement](https://support.citrix.com/article/CTX335705) for additional mitigations. For CVE-2021-45105: Investigation has shown that Linux VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30, released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED: Linux VDA LTSR all versions; All other CVAD components. | | 12/21/2021 |
| Citrix | Citrix Workspace App | All Platforms | Not Affected | | [Citrix Statement](https://support.citrix.com/article/CTX335705) | Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. | | 12/21/2021 |
| Claris | | | | | [Claris Article](https://support.claris.com/s/article/CVE-2021-44228-Apache-Log4j-Vulnerability-and-Claris-products?language=en_US) | | | | | Claris | | | | | [Claris Article](https://support.claris.com/s/article/CVE-2021-44228-Apache-Log4j-Vulnerability-and-Claris-products?language=en_US) | | | |
| Cloudera | AM2CM Tool | | Not Affected | | [https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | | | Cloudera | AM2CM Tool | | Not Affected | | [https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | |
| Cloudera | Ambari | Only versions 2.x, 1.x | Affected | | [https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | | | Cloudera | Ambari | Only versions 2.x, 1.x | Affected | | [https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | |