From de8dc2b91bbb3e54d993b4931e37db0cb8f547e3 Mon Sep 17 00:00:00 2001 From: Lcerkov <96153185+Lcerkov@users.noreply.github.com> Date: Wed, 22 Dec 2021 16:57:50 -0500 Subject: [PATCH] update autodesk issue #270 --- SOFTWARE-LIST.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index d338b2e..d7d4dfc 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -131,7 +131,7 @@ This list was initially populated using information from the following sources: | Atlassian | Jira Server & Data Center | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | | | Attivo networks | | | | | [Attivo Networks Advisory](https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf) | | | | | AudioCodes | | | | | [AudioCodes Link](https://services.audiocodes.com/app/answers/kbdetail/a_id/2225) | | | | -| Autodesk | | | | | [Autodesk Article Link](https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html) | | | | +| Autodesk | | | Under Investigation | | [Autodesk Article Link](https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html) | Autodesk is continuing to perform a thorough investigation in relation to the recently discovered Apache Log4j security vulnerabilities. We continue to implement several mitigating factors for our products including patching, network firewall blocks, and updated detection signatures to reduce the threat of this vulnerability and enhance our ability to quickly respond to potential malicious activity. We have not identified any compromised systems in the Autodesk environment due to this vulnerability, at this time. This is an ongoing investigation and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview). | | 12/21/2021 | | Automox | | | | | [Automox Blog Post](https://blog.automox.com/log4j-critical-vulnerability-scores-a-10) | | | | | Autopsy | | | | | [Autopsy Link](https://www.autopsy.com/autopsy-and-log4j-vulnerability/) | | | | | Auvik | | | | | [Auvik Status Link](https://status.auvik.com/incidents/58bfngkz69mj) | | | |