mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-25 09:50:47 +00:00
Update the software list
This commit is contained in:
parent
00e4bad5ea
commit
dd4d70100a
2 changed files with 0 additions and 141 deletions
|
@ -2026,10 +2026,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
|
||||||
| Mitel | | | | Unknown | [link](https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| Mitel | | | | Unknown | [link](https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| MMM Group | Control software of all MMM series | | | Unknown | [link](https://www.mmmgroup.com/en/news/cybersecurity-vulnerability-log4shell-java-library-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
| MMM Group | Control software of all MMM series | | | Unknown | [link](https://www.mmmgroup.com/en/news/cybersecurity-vulnerability-log4shell-java-library-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||||
| MMM Group | RUMED360 Cycles, RUMED360 Cycles View, RUMED360 Sicon, RUMED360 ISA-Server | | | Unknown | [link](https://www.mmmgroup.com/en/news/cybersecurity-vulnerability-log4shell-java-library-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
| MMM Group | RUMED360 Cycles, RUMED360 Cycles View, RUMED360 Sicon, RUMED360 ISA-Server | | | Unknown | [link](https://www.mmmgroup.com/en/news/cybersecurity-vulnerability-log4shell-java-library-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
|
||||||
| MobileIron | Core | All Versions | | Affected | [link](https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US) | The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
|
||||||
| MobileIron | Core Connector | All Versions | | Affected | [link](https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US) | The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
|
||||||
| MobileIron | Reporting Database (RDB) | All Versions | | Affected | [link](https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US) | The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
|
||||||
| MobileIron | Sentry | 9.13, 9.14 | | Affected | [link](https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US) | The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
|
|
||||||
| MongoDB | All other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| MongoDB | All other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| MongoDB | MongoDB Atlas Search | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| MongoDB | MongoDB Atlas Search | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
| MongoDB | MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
| MongoDB | MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
||||||
|
|
137
data/cisagov.yml
137
data/cisagov.yml
|
@ -59189,143 +59189,6 @@ software:
|
||||||
references:
|
references:
|
||||||
- ''
|
- ''
|
||||||
last_updated: '2022-01-05T00:00:00'
|
last_updated: '2022-01-05T00:00:00'
|
||||||
- vendor: MobileIron
|
|
||||||
product: Core
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- All Versions
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
|
|
||||||
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
|
|
||||||
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
|
|
||||||
result removes the ability to perform the RCE attack. The workaround needs
|
|
||||||
to be applied in a maintenance window. You will not be able to access the admin
|
|
||||||
portal during the procedure, however, end user devices will continue to function.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: MobileIron
|
|
||||||
product: Core Connector
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- All Versions
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
|
|
||||||
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
|
|
||||||
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
|
|
||||||
result removes the ability to perform the RCE attack. The workaround needs
|
|
||||||
to be applied in a maintenance window. You will not be able to access the admin
|
|
||||||
portal during the procedure, however, end user devices will continue to function.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: MobileIron
|
|
||||||
product: Reporting Database (RDB)
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- All Versions
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
|
|
||||||
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
|
|
||||||
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
|
|
||||||
result removes the ability to perform the RCE attack. The workaround needs
|
|
||||||
to be applied in a maintenance window. You will not be able to access the admin
|
|
||||||
portal during the procedure, however, end user devices will continue to function.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: MobileIron
|
|
||||||
product: Sentry
|
|
||||||
cves:
|
|
||||||
cve-2021-4104:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-44228:
|
|
||||||
investigated: true
|
|
||||||
affected_versions:
|
|
||||||
- '9.13'
|
|
||||||
- '9.14'
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45046:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
cve-2021-45105:
|
|
||||||
investigated: false
|
|
||||||
affected_versions: []
|
|
||||||
fixed_versions: []
|
|
||||||
unaffected_versions: []
|
|
||||||
vendor_links:
|
|
||||||
- https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US
|
|
||||||
notes: The mitigation instructions listed in a subsequent section removes a vulnerable
|
|
||||||
Java class (JNDILookUp.class) from the affected Log4J Java library and as a
|
|
||||||
result removes the ability to perform the RCE attack. The workaround needs
|
|
||||||
to be applied in a maintenance window. You will not be able to access the admin
|
|
||||||
portal during the procedure, however, end user devices will continue to function.
|
|
||||||
references:
|
|
||||||
- ''
|
|
||||||
last_updated: '2021-12-20T00:00:00'
|
|
||||||
- vendor: MongoDB
|
- vendor: MongoDB
|
||||||
product: All other components of MongoDB Atlas (including Atlas Database, Data
|
product: All other components of MongoDB Atlas (including Atlas Database, Data
|
||||||
Lake, Charts)
|
Lake, Charts)
|
||||||
|
|
Loading…
Reference in a new issue