r3pek/log4j-affected-db
1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-25 01:40:47 +00:00
Code Releases Activity

Update the software list

Browse source
This commit is contained in:
cisagovbot 2022-01-25 20:31:24 +00:00
parent b27e73aea7
commit cdc5a68182
3 changed files with 209 additions and 184 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
SOFTWARE-LIST.md
View file

@ -2422,27 +2422,27 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| SAFE FME Server | | | | Unknown | [link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SAGE | | | | Unknown | [link](https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SailPoint | | | | Unknown | [link](https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Salesforce | Analytics Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Analytics Cloud is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | B2C Commerce Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | ClickSoftware (As-a-Service) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | ClickSoftware (On-Premise) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Please contact Customer Support." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Community Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Data.com | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Analytics Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | B2C Commerce Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | ClickSoftware (As-a-Service) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | ClickSoftware (On-Premise) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Data.com | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | DataLoader | | <=53.0.0 | Fixed | [link](https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Salesforce | Datorama | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Evergage (Interaction Studio) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Force.com | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Heroku | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Heroku is reported to not be affected by CVE-2021-44228; no further action is necessary at this time." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Marketing Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | MuleSoft (Cloud) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | MuleSoft (On-Premise) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Please contact Customer Support." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Pardot | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Sales Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Sales Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Service Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Slack | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Social Studio | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Tableau (On-Premise) | | < 2021.4.1 | Fixed | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | Fixed in 2021.4.1 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Salesforce | Tableau (Online) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Datorama | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Evergage (Interaction Studio) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Experience (Community) Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Force.com | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Heroku | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Marketing Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | MuleSoft (Cloud) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | MuleSoft (On-Premise) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Pardot | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Sales Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Service Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Slack | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Social Studio | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Tableau (On-Premise) | | < 2021.4.1 | Fixed | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Salesforce | Tableau (Online) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Samsung Electronics America | Knox Admin Portal | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Asset Intelligence | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Configure | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |

168
data/cisagov.yml
View file

@ -70975,9 +70975,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Analytics Cloud is reported to be affected by CVE-2021-44228. Services
have been updated to mitigate the issues identified in CVE-2021-44228 and we
are executing our final validation steps."'
notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71006,8 +71006,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The
service is being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71036,8 +71037,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228.
The service is being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71066,37 +71068,10 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Please contact Customer Support."'
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Salesforce
product: Community Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Community Cloud is reported to be affected by CVE-2021-44228. The service
is being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional
details are available here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71125,9 +71100,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Data.com is reported to be affected by CVE-2021-44228. The service has
a mitigation in place and is being updated to remediate the vulnerability identified in
CVE-2021-44228."'
notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71186,9 +71161,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Datorama is reported to be affected by CVE-2021-44228. The service has
a mitigation in place and is being updated to remediate the vulnerability identified in
CVE-2021-44228."'
notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71217,9 +71192,40 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228.
Services have been updated to mitigate the issues identified in CVE-2021-44228
and we are executing our final validation steps."'
notes: Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Salesforce
product: Experience (Community) Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71248,8 +71254,12 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Force.com is reported to be affected by CVE-2021-44228. The service is
being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been
patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
Make sure that you are using Data Loader version 53.0.2 or later. Follow the
steps described here to download the latest version of Data Loader.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71278,8 +71288,8 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Heroku is reported to not be affected by CVE-2021-44228; no further action
is necessary at this time."'
notes: Heroku is reported to not be affected by the issues currently identified
in CVE-2021-44228 or CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71308,8 +71318,10 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Marketing Cloud is reported to be affected by CVE-2021-44228. The service
is being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: Salesforce-owned services within Marketing Cloud are not affected by the
issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party
vendors have been patched to address the security issues currently identified
in CVE-2021-44228 or CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71338,8 +71350,10 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service
is being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft
services, including dataloader.io, have been updated to mitigate the issues
currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
details here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71368,7 +71382,11 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Please contact Customer Support."'
notes: MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors, including Private Cloud Edition
(PCE) and Anypoint Studio, have a mitigation in place to address the issues
currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
details here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71397,8 +71415,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Pardot is reported to be affected by CVE-2021-44228. The service is being
updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71427,8 +71446,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Sales Cloud is reported to be affected by CVE-2021-44228. The service
is being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71457,8 +71477,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Service Cloud is reported to be affected by CVE-2021-44228. The service
is being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71487,9 +71508,10 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Slack is reported to be affected by CVE-2021-44228. The service has a
mitigation in place and is being updated to remediate the vulnerability identified in
CVE-2021-44228."'
notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are
available here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71518,9 +71540,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Social Studio is reported to be affected by CVE-2021-44228. The service
has a mitigation in place and is being updated to remediate the vulnerability
identified in CVE-2021-44228."'
notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -71550,7 +71572,10 @@ software:
unaffected_versions: []
vendor_links:
- https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell
notes: Fixed in 2021.4.1
notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Patches to address the issues currently identified in both CVE-2021-44228 and
CVE-2021-45046 are available for download. Additional details are available
here.
references:
- ''
last_updated: '2021-12-16T00:00:00'
@ -71579,8 +71604,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Tableau (Online) is reported to be affected by CVE-2021-44228. The service
is being updated to remediate the vulnerability identified in CVE-2021-44228."'
notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services
have been patched to mitigate the issues currently identified in both CVE-2021-44228
and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'

185
data/cisagov_S.yml
View file

@ -146,9 +146,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -177,9 +177,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -208,10 +208,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228
and CVE-2021-45046. Salesforce-owned services and third-party vendors
have been patched to address the issues currently identified in
CVE-2021-44228 and CVE-2021-45046.
notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -241,40 +240,9 @@ software:
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address the
issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details
are available here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Salesforce
product: Experience (Community) Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional
details are available here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -303,9 +271,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched
to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -364,9 +332,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched
to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -396,8 +364,39 @@ software:
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address the issues
currently identified in CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Salesforce
product: Experience (Community) Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -426,13 +425,12 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched
to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
The Data Loader tool has been patched to address the issues currently identified
in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader
version 53.0.2 or later. Follow the steps described here to download the latest
version of Data Loader.
notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been
patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
Make sure that you are using Data Loader version 53.0.2 or later. Follow the
steps described here to download the latest version of Data Loader.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -461,8 +459,8 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Heroku is reported to not be affected by the issues currently
identified in CVE-2021-44228 or CVE-2021-45046.
notes: Heroku is reported to not be affected by the issues currently identified
in CVE-2021-44228 or CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -491,10 +489,10 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Salesforce-owned services within Marketing Cloud are not affected
by the issues currently identified in CVE-2021-44228 or CVE-2021-45046.
Third-party vendors have been patched to address the security issues currently
identified in CVE-2021-44228 or CVE-2021-45046.
notes: Salesforce-owned services within Marketing Cloud are not affected by the
issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party
vendors have been patched to address the security issues currently identified
in CVE-2021-44228 or CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -523,10 +521,10 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046.
Mulesoft services, including dataloader.io, have been updated to mitigate
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
Please see additional details here.
notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft
services, including dataloader.io, have been updated to mitigate the issues
currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
details here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -556,10 +554,10 @@ software:
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors, including Private Cloud
Edition (PCE) and Anypoint Studio, have a mitigation in place to address the
issues currently identified in CVE-2021-44228 and CVE-2021-45046.
Please see additional details here.
Salesforce-owned services and third-party vendors, including Private Cloud Edition
(PCE) and Anypoint Studio, have a mitigation in place to address the issues
currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
details here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -588,9 +586,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched
to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -619,9 +617,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -650,9 +648,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -681,10 +679,10 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched
to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046.
Additional details are available here.
notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are
available here.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -713,9 +711,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
@ -747,7 +745,8 @@ software:
- https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell
notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Patches to address the issues currently identified in both CVE-2021-44228 and
CVE-2021-45046 are available for download. Additional details are available here.
CVE-2021-45046 are available for download. Additional details are available
here.
references:
- ''
last_updated: '2021-12-16T00:00:00'
@ -776,9 +775,9 @@ software:
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046.
Services have been patched to mitigate the issues currently identified in
both CVE-2021-44228 and CVE-2021-45046.
notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services
have been patched to mitigate the issues currently identified in both CVE-2021-44228
and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'