From f7530501cd505a9a4498f05ae033ee6fbb05d34e Mon Sep 17 00:00:00 2001 From: cisagovbot <65734717+cisagovbot@users.noreply.github.com> Date: Wed, 19 Jan 2022 19:14:16 +0000 Subject: [PATCH] Update the software list --- SOFTWARE-LIST.md | 26 ++++++++++----------- data/cisagov.yml | 60 +++++++++++++++++++++++------------------------- 2 files changed, 42 insertions(+), 44 deletions(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 2c26ea4..b496a05 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -2019,18 +2019,18 @@ NOTE: This file is automatically generated. To submit updates, please refer to | MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| ManageEngine Zoho | ADAudit Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | ADManager Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | Analytics Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | Cloud Security Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | DataSecurity Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | EventLog Analyzer | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | Exchange Reporter Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | Log360 | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | Log360 UEBA | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | M365 Manager Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | M365 Security Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | -| ManageEngine Zoho | RecoveryManager Plus | On-Prem | | Affected | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | Analytics Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | Cloud Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | DataSecurity Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | EventLog Analyzer | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | Exchange Reporter Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | Log360 | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | Log360 UEBA | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | +| ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 | | ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 | | ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 | | MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | @@ -2073,7 +2073,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to | MEINBERG | LANTIME and microSync | | | Unknown | [link](https://www.meinbergglobal.com/english/news/meinberg-lantime-and-microsync-systems-not-at-risk-from-log4j-security-exploit.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 | | Meltano | Meltano | | | Unknown | [link](https://github.com/meltano/meltano) | Project is written in Python | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Memurai | | | | Unknown | [link](https://www.memurai.com/blog/apache-log4j2-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | -| MicroFocus | | | | Unknown | [link](https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | +| Micro Focus | Data Protector | | 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.90, 10.91, 11.00 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003052) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 | | Microsoft | Azure API Gateway | | | Unknown | [link](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Microsoft | Azure Application Gateway | | | Unknown | [link](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | | Microsoft | Azure Data lake store java | < 2.3.10 | | Affected | [link](https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 | diff --git a/data/cisagov.yml b/data/cisagov.yml index 07e73cb..42f2d44 100644 --- a/data/cisagov.yml +++ b/data/cisagov.yml @@ -59072,8 +59072,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59102,8 +59101,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59132,8 +59130,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59162,8 +59159,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59192,8 +59188,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59222,8 +59217,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59252,8 +59246,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59282,8 +59275,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59312,8 +59304,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59342,8 +59333,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59372,8 +59362,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -59402,8 +59391,7 @@ software: unaffected_versions: [] cve-2021-44228: investigated: false - affected_versions: - - On-Prem + affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: @@ -60620,8 +60608,8 @@ software: references: - '' last_updated: '2022-01-12T07:18:54+00:00' - - vendor: MicroFocus - product: '' + - vendor: Micro Focus + product: Data Protector cves: cve-2021-4104: investigated: false @@ -60629,9 +60617,19 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: - investigated: false + investigated: true affected_versions: [] - fixed_versions: [] + fixed_versions: + - '10.20' + - '10.30' + - '10.40' + - '10.50' + - '10.60' + - '10.70' + - '10.80' + - '10.90' + - '10.91' + - '11.00' unaffected_versions: [] cve-2021-45046: investigated: false @@ -60644,11 +60642,11 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228 + - https://portal.microfocus.com/s/article/KM000003052 notes: '' references: - - '' - last_updated: '2022-01-12T07:18:54+00:00' + - '[https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050)' + last_updated: '2021-12-13T00:00:00' - vendor: Microsoft product: Azure API Gateway cves: