1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 08:30:48 +00:00

Merge branch 'develop' into Salesforce-Statuses

This commit is contained in:
Paul 2022-01-26 17:08:18 -06:00 committed by GitHub
commit e244fb4f33
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 1319 additions and 197 deletions

View file

@ -2240,6 +2240,24 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| Palo-Alto Networks | User-ID Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Palo-Alto Networks | User-ID Agent | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | WildFire Appliance | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Palo-Alto Networks | WildFire Appliance | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | WildFire Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Palo-Alto Networks | WildFire Cloud | | | Unknown | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Panasonic | KX-HDV100 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV130 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV230 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV330 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV340 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV430 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV800 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-TGP500 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-TGP550 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-TGP600 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-TGP700 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UDS124 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT113 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT123 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT133 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT136 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT248 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT670 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panopto | | | | Unknown | [link](https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Panopto | | | | Unknown | [link](https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PaperCut | PaperCut MF | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | PaperCut | PaperCut MF | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut NG | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | PaperCut | PaperCut NG | 21.0 and later | | Affected | [link](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
@ -2422,27 +2440,27 @@ NOTE: This file is automatically generated. To submit updates, please refer to
| SAFE FME Server | | | | Unknown | [link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | SAFE FME Server | | | | Unknown | [link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SAGE | | | | Unknown | [link](https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | SAGE | | | | Unknown | [link](https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SailPoint | | | | Unknown | [link](https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | SailPoint | | | | Unknown | [link](https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Salesforce | Analytics Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Analytics Cloud is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Analytics Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | B2C Commerce Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | B2C Commerce Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | ClickSoftware (As-a-Service) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | ClickSoftware (As-a-Service) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | ClickSoftware (On-Premise) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Please contact Customer Support." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | ClickSoftware (On-Premise) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Community Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Data.com | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Data.com | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | DataLoader | | <=53.0.0 | Fixed | [link](https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 | | Salesforce | DataLoader | | <=53.0.0 | Fixed | [link](https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Salesforce | Datorama | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Datorama | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Evergage (Interaction Studio) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Evergage (Interaction Studio) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Force.com | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Experience (Community) Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Heroku | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Heroku is reported to not be affected by CVE-2021-44228; no further action is necessary at this time." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Force.com | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Marketing Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Heroku | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | MuleSoft (Cloud) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Marketing Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | MuleSoft (On-Premise) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Please contact Customer Support." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | MuleSoft (Cloud) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Pardot | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | MuleSoft (On-Premise) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Sales Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Sales Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Pardot | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Service Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Sales Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Slack | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Service Cloud | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Social Studio | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Slack | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Tableau (On-Premise) | | < 2021.4.1 | Fixed | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | Fixed in 2021.4.1 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | Salesforce | Social Studio | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Salesforce | Tableau (Online) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | Salesforce | Tableau (On-Premise) | | < 2021.4.1 | Fixed | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Salesforce | Tableau (Online) | | | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Samsung Electronics America | Knox Admin Portal | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 | | Samsung Electronics America | Knox Admin Portal | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Asset Intelligence | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 | | Samsung Electronics America | Knox Asset Intelligence | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Configure | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 | | Samsung Electronics America | Knox Configure | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |

View file

@ -65558,6 +65558,546 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Panasonic
product: KX-HDV100
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV130
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV230
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV330
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV340
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV430
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV800
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-TGP500
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-TGP550
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-TGP600
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-TGP700
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UDS124
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT113
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT123
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT133
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT136
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT248
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT670
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panopto - vendor: Panopto
product: '' product: ''
cves: cves:
@ -70975,9 +71515,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Analytics Cloud is reported to be affected by CVE-2021-44228. Services notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
have been updated to mitigate the issues identified in CVE-2021-44228 and we services and third-party vendors have been patched to address the issues currently
are executing our final validation steps."' identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71006,8 +71546,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
service is being updated to remediate the vulnerability identified in CVE-2021-44228."' services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71036,8 +71577,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046.
The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' Salesforce-owned services and third-party vendors have been patched to address
the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71066,37 +71608,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Please contact Customer Support."' notes: ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
references: Salesforce-owned services and third-party vendors have been patched to address
- '' the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional
last_updated: '2021-12-15T00:00:00' details are available here.
- vendor: Salesforce
product: Community Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Community Cloud is reported to be affected by CVE-2021-44228. The service
is being updated to remediate the vulnerability identified in CVE-2021-44228."'
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71125,9 +71640,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Data.com is reported to be affected by CVE-2021-44228. The service has notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
a mitigation in place and is being updated to remediate the vulnerability identified in services and third-party vendors have been patched to address the issues currently
CVE-2021-44228."' identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71186,9 +71701,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Datorama is reported to be affected by CVE-2021-44228. The service has notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
a mitigation in place and is being updated to remediate the vulnerability identified in services and third-party vendors have been patched to address the issues currently
CVE-2021-44228."' identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71217,9 +71732,40 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. notes: Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046.
Services have been updated to mitigate the issues identified in CVE-2021-44228 Salesforce-owned services and third-party vendors have been patched to address
and we are executing our final validation steps."' the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Salesforce
product: Experience (Community) Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71248,8 +71794,12 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Force.com is reported to be affected by CVE-2021-44228. The service is notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
being updated to remediate the vulnerability identified in CVE-2021-44228."' services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been
patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
Make sure that you are using Data Loader version 53.0.2 or later. Follow the
steps described here to download the latest version of Data Loader.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71278,8 +71828,8 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Heroku is reported to not be affected by CVE-2021-44228; no further action notes: Heroku is reported to not be affected by the issues currently identified
is necessary at this time."' in CVE-2021-44228 or CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71308,8 +71858,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Marketing Cloud is reported to be affected by CVE-2021-44228. The service notes: Salesforce-owned services within Marketing Cloud are not affected by the
is being updated to remediate the vulnerability identified in CVE-2021-44228."' issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party
vendors have been patched to address the security issues currently identified
in CVE-2021-44228 or CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71338,8 +71890,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft
is being updated to remediate the vulnerability identified in CVE-2021-44228."' services, including dataloader.io, have been updated to mitigate the issues
currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
details here.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71368,7 +71922,11 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Please contact Customer Support."' notes: MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors, including Private Cloud Edition
(PCE) and Anypoint Studio, have a mitigation in place to address the issues
currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
details here.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71397,8 +71955,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Pardot is reported to be affected by CVE-2021-44228. The service is being notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
updated to remediate the vulnerability identified in CVE-2021-44228."' services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71427,8 +71986,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Sales Cloud is reported to be affected by CVE-2021-44228. The service notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
is being updated to remediate the vulnerability identified in CVE-2021-44228."' services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71457,8 +72017,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Service Cloud is reported to be affected by CVE-2021-44228. The service notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
is being updated to remediate the vulnerability identified in CVE-2021-44228."' services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71487,9 +72048,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Slack is reported to be affected by CVE-2021-44228. The service has a notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
mitigation in place and is being updated to remediate the vulnerability identified in services and third-party vendors have been patched to address the issues currently
CVE-2021-44228."' identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are
available here.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71518,9 +72080,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Social Studio is reported to be affected by CVE-2021-44228. The service notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
has a mitigation in place and is being updated to remediate the vulnerability services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228."' identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'
@ -71550,7 +72112,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell
notes: Fixed in 2021.4.1 notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Patches to address the issues currently identified in both CVE-2021-44228 and
CVE-2021-45046 are available for download. Additional details are available
here.
references: references:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
@ -71579,8 +72144,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: '"Tableau (Online) is reported to be affected by CVE-2021-44228. The service notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services
is being updated to remediate the vulnerability identified in CVE-2021-44228."' have been patched to mitigate the issues currently identified in both CVE-2021-44228
and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2021-12-15T00:00:00' last_updated: '2021-12-15T00:00:00'

View file

@ -717,6 +717,546 @@ software:
references: references:
- '' - ''
last_updated: '2022-01-12T07:18:50+00:00' last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Panasonic
product: KX-HDV100
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV130
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV230
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV330
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV340
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV430
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-HDV800
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-TGP500
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-TGP550
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-TGP600
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-TGP700
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UDS124
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT113
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT123
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT133
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT136
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT248
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panasonic
product: KX-UT670
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html
notes: ''
references:
- ''
last_updated: '2022-01-20T00:00:00'
- vendor: Panopto - vendor: Panopto
product: '' product: ''
cves: cves:

View file

@ -148,9 +148,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. notes: Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched to services and third-party vendors have been patched to address the issues currently
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -181,9 +181,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. notes: B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched to address services and third-party vendors have been patched to address the issues currently
the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -214,10 +214,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228 notes: ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046.
and CVE-2021-45046. Salesforce-owned services and third-party vendors Salesforce-owned services and third-party vendors have been patched to address
have been patched to address the issues currently identified in the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -249,42 +248,9 @@ software:
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. notes: ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address the Salesforce-owned services and third-party vendors have been patched to address
issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional
are available here. details are available here.
references:
- ''
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Experience (Community) Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 'All'
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions:
- 'All'
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -315,9 +281,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046. notes: Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched services and third-party vendors have been patched to address the issues currently
to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -333,12 +299,13 @@ software:
investigated: true investigated: true
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions:
- <=53.0.0 - >=53.0.2
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: false investigated: true
affected_versions: [] affected_versions: []
fixed_versions: [] fixed_versions:
- >=53.0.2
unaffected_versions: [] unaffected_versions: []
cve-2021-45105: cve-2021-45105:
investigated: false investigated: false
@ -350,7 +317,7 @@ software:
notes: '' notes: ''
references: references:
- '' - ''
last_updated: '2021-12-22T00:00:00' last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce - vendor: Salesforce
product: Datorama product: Datorama
cves: cves:
@ -360,16 +327,14 @@ software:
fixed_versions: [] fixed_versions: []
unaffected_versions: [] unaffected_versions: []
cve-2021-44228: cve-2021-44228:
investigated: true investigated: false
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions: []
- 'All'
unaffected_versions: [] unaffected_versions: []
cve-2021-45046: cve-2021-45046:
investigated: true investigated: false
affected_versions: [] affected_versions: []
fixed_versions: fixed_versions: []
- 'All'
unaffected_versions: [] unaffected_versions: []
cve-2021-45105: cve-2021-45105:
investigated: false investigated: false
@ -378,12 +343,12 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046. notes: Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched services and third-party vendors have been patched to address the issues currently
to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2021-12-15T00:00:00'
- vendor: Salesforce - vendor: Salesforce
product: Evergage (Interaction Studio) product: Evergage (Interaction Studio)
cves: cves:
@ -412,8 +377,41 @@ software:
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. notes: Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors have been patched to address the issues Salesforce-owned services and third-party vendors have been patched to address
currently identified in CVE-2021-44228 and CVE-2021-45046. the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2022-01-26T00:00:00'
- vendor: Salesforce
product: Experience (Community) Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 'All'
unaffected_versions: []
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions:
- 'All'
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
services and third-party vendors have been patched to address the issues currently
identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -444,13 +442,12 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046. notes: Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched services and third-party vendors have been patched to address the issues currently
to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been
The Data Loader tool has been patched to address the issues currently identified patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046.
in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader Make sure that you are using Data Loader version 53.0.2 or later. Follow the
version 53.0.2 or later. Follow the steps described here to download the latest steps described here to download the latest version of Data Loader.
version of Data Loader.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -481,8 +478,8 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Heroku is reported to not be affected by the issues currently notes: Heroku is reported to not be affected by the issues currently identified
identified in CVE-2021-44228 or CVE-2021-45046. in CVE-2021-44228 or CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -513,10 +510,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Salesforce-owned services within Marketing Cloud are not affected notes: Salesforce-owned services within Marketing Cloud are not affected by the
by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party
Third-party vendors have been patched to address the security issues currently vendors have been patched to address the security issues currently identified
identified in CVE-2021-44228 or CVE-2021-45046. in CVE-2021-44228 or CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -547,10 +544,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. notes: MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft
Mulesoft services, including dataloader.io, have been updated to mitigate services, including dataloader.io, have been updated to mitigate the issues
the issues currently identified in CVE-2021-44228 and CVE-2021-45046. currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
Please see additional details here. details here.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -582,10 +579,10 @@ software:
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. notes: MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Salesforce-owned services and third-party vendors, including Private Cloud Salesforce-owned services and third-party vendors, including Private Cloud Edition
Edition (PCE) and Anypoint Studio, have a mitigation in place to address the (PCE) and Anypoint Studio, have a mitigation in place to address the issues
issues currently identified in CVE-2021-44228 and CVE-2021-45046. currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional
Please see additional details here. details here.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -616,9 +613,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046. notes: Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched services and third-party vendors have been patched to address the issues currently
to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -649,9 +646,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. notes: Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched to services and third-party vendors have been patched to address the issues currently
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -682,9 +679,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. notes: Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched to services and third-party vendors have been patched to address the issues currently
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -715,10 +712,10 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046. notes: Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched services and third-party vendors have been patched to address the issues currently
to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are
Additional details are available here. available here.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -749,9 +746,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. notes: Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned
Salesforce-owned services and third-party vendors have been patched to services and third-party vendors have been patched to address the issues currently
address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. identified in CVE-2021-44228 and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'
@ -783,7 +780,8 @@ software:
- https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell
notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. notes: Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046.
Patches to address the issues currently identified in both CVE-2021-44228 and Patches to address the issues currently identified in both CVE-2021-44228 and
CVE-2021-45046 are available for download. Additional details are available here. CVE-2021-45046 are available for download. Additional details are available
here.
references: references:
- '' - ''
last_updated: '2021-12-16T00:00:00' last_updated: '2021-12-16T00:00:00'
@ -814,9 +812,9 @@ software:
unaffected_versions: [] unaffected_versions: []
vendor_links: vendor_links:
- https://help.salesforce.com/s/articleView?id=000363736&type=1 - https://help.salesforce.com/s/articleView?id=000363736&type=1
notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. notes: Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services
Services have been patched to mitigate the issues currently identified in have been patched to mitigate the issues currently identified in both CVE-2021-44228
both CVE-2021-44228 and CVE-2021-45046. and CVE-2021-45046.
references: references:
- '' - ''
last_updated: '2022-01-26T00:00:00' last_updated: '2022-01-26T00:00:00'