Merge branch 'develop' into dependabot/github_actions/lewagon/wait-on-check-action-1.1.1

SOFTWARE-LIST.md

@@ -22,7 +22,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 
 | Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
 | ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
-| 1Password | All products |  |  | Unknown | [link](https://support.1password.com/kb/202112/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
+| 1Password | All products |  |  | Not Affected | [link](https://support.1password.com/kb/202112/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-01-14 |
 | 2n |  |  |  | Unknown | [link](https://www.2n.com/cs_CZ/novinky/produkty-2n-neohrozuje-zranitelnost-cve-2021-44228-komponenty-log4j-2) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | 3CX |  |  |  | Unknown | [link](https://www.3cx.com/community/threads/log4j-vulnerability-cve-2021-44228.86436/#post-407911) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | 3M Health Information Systems | CGS |  |  | Unknown | [link](https://support.3mhis.com/app/account/updates/ri/5210) | This advisory is available to customer only and has not been reviewed by CISA. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
@@ -150,6 +150,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Atlassian | Fisheye |  |  | Not Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Atlassian | Jira Server & Data Center |  |  | Not Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Attivo networks |  |  |  | Unknown | [link](https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
+| Atvise | All |  |  | Not Affected | [link](https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen) | The security vulnerability does NOT affect our applications and products or pose any threat. This applies to all Bachmann applications and products, including atvise solutions. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
 | AudioCodes |  |  |  | Unknown | [link](https://services.audiocodes.com/app/answers/kbdetail/a_id/2225) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Autodesk |  |  |  | Unknown | [link](https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html) | Autodesk is continuing to perform a thorough investigation in relation to the recently discovered Apache Log4j security vulnerabilities. We continue to implement several mitigating factors for our products including patching, network firewall blocks, and updated detection signatures to reduce the threat of this vulnerability and enhance our ability to quickly respond to potential malicious activity. We have not identified any compromised systems in the Autodesk environment due to this vulnerability, at this time. This is an ongoing investigation and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview). |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
 | Automox |  |  |  | Unknown | [link](https://blog.automox.com/log4j-critical-vulnerability-scores-a-10) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@@ -1771,7 +1772,11 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | iRedMail |  |  |  | Unknown | [link](https://forum.iredmail.org/topic18605-log4j-cve202144228.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Ironnet |  |  |  | Unknown | [link](https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | ISLONLINE |  |  |  | Unknown | [link](https://blog.islonline.com/2021/12/13/isl-online-is-not-affected-by-log4shell-vulnerability/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
-| Ivanti |  |  |  | Unknown | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
+| Ivanti | Avalanche | 6.2.2, 6.3.0 to 6.3.3 |  | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
+| Ivanti | Ivanti File Director | 2019.1.*, 2020.1.*, 2020.3.*, 2021.1.*, 4.4.* | 2021.3 HF2, 2021.1 HF1, 2020.3 HF2 | Fixed | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
+| Ivanti | MobileIron Core | All |  | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Core. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
+| Ivanti | MobileIron Core Connector | All |  | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Core Connector. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
+| Ivanti | MobileIron Sentry (Core/Cloud) | 9.13, 9.14 |  | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Sentry. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
 | Jamasoftware |  |  |  | Unknown | [link](https://community.jamasoftware.com/communities/community-home/digestviewer/viewthread?MessageKey=06d26f9c-2abe-4c10-93d4-c0f6c8a01b22&CommunityKey=c9d20d4c-5bb6-4f19-92eb-e7cee0942d51&tab=digestviewer#bm06d26f9c-2abe-4c10-93d4-c0f6c8a01b22) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Jamf | Jamf Pro | 10.31.0 – 10.34.0 |  | Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Janitza | GridVis |  |  | Not Affected | [link](https://www.janitza.com/us/gridvis-download.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
@@ -1962,8 +1967,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | ManageEngine | AD SelfService Plus |  |  | Not Affected |  |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
 | ManageEngine | Servicedesk Plus | 11305 and below |  | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
 | MariaDB |  |  |  | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
-| MathWorks | All MathWorks general release desktop or server products |  |  | Unknown | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
-| MathWorks | MATLAB |  |  | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-29 |
+| MathWorks | All MathWorks general release desktop or server products |  |  | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
+| MathWorks | MATLAB |  |  | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
 | Matillion | Matillion ETL |  | 1.59.10+ | Fixed | [link](https://documentation.matillion.com/docs/security-advisory-14th-december-2021) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-11-01 |
 | Matomo |  |  |  | Unknown | [link](https://forum.matomo.org/t/matomo-is-not-concerned-by-the-log4j-security-breach-cve-2021-44228-discovered-on-december-2021-the-9th/44089) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Mattermost FocalBoard |  |  |  | Unknown | [link](https://forum.mattermost.org/t/log4j-vulnerability-concern/12676) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@@ -2043,8 +2048,8 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | N-able |  |  |  | Unknown | [link](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Nagios |  |  |  | Unknown | [link](https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | NAKIVO |  |  |  | Unknown | [link](https://forum.nakivo.com/index.php?/topic/7574-log4j-cve-2021-44228/&do=findComment&comment=9145) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
-| National Instruments | OptimalPlus |  |  | Unknown | [link](https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html) | (Limited to deployments running Veritas, Cloudera, or Logstash) Contact Technical Support |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
-| Neo4j | Neo4j Graph Database | Version >4.2, <4..2.12 |  | Affected |  |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
+| National Instruments | OptimalPlus | Vertica, Cloudera, Logstash |  | Affected | [link](https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html) | (Limited to deployments running Vertica, Cloudera, or Logstash) Contact Technical Support |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
+| Neo4j | Neo4j Graph Database | >4.2, <4..2.12 |  | Affected |  |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
 | Netapp | Multiple NetApp products |  |  | Unknown | [link](https://security.netapp.com/advisory/ntap-20211210-0007/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Netcup |  |  |  | Unknown | [link](https://www.netcup-news.de/2021/12/14/pruefung-log4j-sicherheitsluecken-abgeschlossen/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | NetGate PFSense |  |  |  | Unknown | [link](https://forum.netgate.com/topic/168417/java-log4j-vulnerability-is-pfsense-affected/35) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@@ -2054,7 +2059,6 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | NextCloud |  |  |  | Unknown | [link](https://help.nextcloud.com/t/apache-log4j-does-not-affect-nextcloud/129244) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Nextflow | Nextflow |  |  | Not Affected | [link](https://www.nextflow.io/docs/latest/index.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
 | Nexus Group |  |  |  | Unknown | [link](https://doc.nexusgroup.com/pages/viewpage.action?pageId=83133294) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
-| NI (National Instruments) |  |  |  | Unknown | [link](https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Nice Software (AWS) EnginFRAME |  |  |  | Unknown | [link](https://download.enginframe.com/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | NinjaRMM |  |  |  | Unknown | [link](https://ninjarmm.zendesk.com/hc/en-us/articles/4416226194189-12-10-21-Security-Declaration-NinjaOne-not-affected-by-CVE-2021-44228-log4j-) | This advisory is available to customers only and has not been reviewed by CISA |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | Nomachine |  |  |  | Unknown | [link](https://forums.nomachine.com/topic/apache-log4j-notification) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
@@ -2185,6 +2189,16 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | Salesforce | Social Studio |  |  | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified  in CVE-2021-44228." |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
 | Salesforce | Tableau (On-Premise) |  | < 2021.4.1 | Fixed | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | Fixed in 2021.4.1 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
 | Salesforce | Tableau (Online) |  |  | Unknown | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
+| Samsung Electronics America | Knox Admin Portal |  |  | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox Asset Intelligence |  |  | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox Configure |  |  | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox E-FOTA One |  |  | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox Guard |  |  | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox License Management |  |  | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox Manage |  | Cloud | Fixed | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox Managed Services Provider (MSP) |  |  | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox Mobile Enrollment |  |  | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
+| Samsung Electronics America | Knox Reseller Portal |  | Cloud | Fixed | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
 | Sangoma |  |  |  | Unknown | [link](https://help.sangoma.com/community/s/article/Log4Shell) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
 | SAP |  |  |  | Unknown | [link](https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf) | This advisory is available to customers only and has not been reviewed by CISA |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | SAP Advanced Platform |  |  |  | Unknown | [link](https://launchpad.support.sap.com/#/notes/3130698) | This advisory is available to customers only and has not been reviewed by CISA |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
@@ -2660,6 +2674,7 @@ NOTE: This file is automatically generated. To submit updates, please refer to
 | VMware | VMware vRealize Orchestrator | 8.x, 7.x |  | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
 | VMware | VMware Workspace ONE Access | 21.x, 20.10.x |  | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
 | VMware | VMware Workspace ONE Access Connector (VMware Identity Manager Connector) | 21.x, 20.10.x, 19.03.0.1 |  | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
+| VTScada | All |  |  | Not Affected | [link](https://www.vtscada.com/vtscada-unaffected-by-log4j/) | Java is not utilized within VTScada software, and thus our users are unaffected. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
 | Vyaire |  |  |  | Unknown | [link](https://www.vyaire.com/sites/us/files/2021-12/2021-12-15-product-security-bulletin-for-log4shell-vulnerability.pdf) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
 | WAGO | WAGO Smart Script | 4.2.x < 4.8.1.3 |  | Affected | [link](https://www.wago.com/de/automatisierungstechnik/psirt#log4j) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
 | Wallarm |  |  |  | Unknown | [link](https://lab.wallarm.com/cve-2021-44228-mitigation-update/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

data/cisagov.yml

@@ -8,31 +8,35 @@ software:
     product: All products
     cves:
       cve-2021-4104:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - '>= 1.0.0'
       cve-2021-44228:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - '>= 1.0.0'
       cve-2021-45046:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - '>= 1.0.0'
       cve-2021-45105:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - '>= 1.0.0'
     vendor_links:
       - https://support.1password.com/kb/202112/
     notes: ''
     references:
       - ''
-    last_updated: '2021-12-23T00:00:00'
+    last_updated: '2021-01-14T00:00:00'
   - vendor: 2n
     product: ''
     cves:
@@ -3851,6 +3855,38 @@ software:
     references:
       - ''
     last_updated: '2022-01-12T07:18:50+00:00'
+  - vendor: Atvise
+    product: All
+    cves:
+      cve-2021-4104:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen
+    notes: The security vulnerability does NOT affect our applications and products
+      or pose any threat. This applies to all Bachmann applications and products,
+      including atvise solutions.
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
   - vendor: AudioCodes
     product: ''
     cves:
@@ -51710,7 +51746,7 @@ software:
       - ''
     last_updated: '2022-01-12T07:18:54+00:00'
   - vendor: Ivanti
-    product: ''
+    product: Avalanche
     cves:
       cve-2021-4104:
         investigated: false
@@ -51718,26 +51754,156 @@ software:
         fixed_versions: []
         unaffected_versions: []
       cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - 6.2.2
+          - 6.3.0 to 6.3.3
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-18T00:00:00'
+  - vendor: Ivanti
+    product: Ivanti File Director
+    cves:
+      cve-2021-4104:
         investigated: false
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - 2019.1.*
+          - 2020.1.*
+          - 2020.3.*
+          - 2021.1.*
+          - 4.4.*
+        fixed_versions:
+          - 2021.3 HF2
+          - 2021.1 HF1
+          - 2020.3 HF2
+        unaffected_versions: []
       cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-18T00:00:00'
+  - vendor: Ivanti
+    product: MobileIron Core
+    cves:
+      cve-2021-4104:
         investigated: false
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - All
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
       cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
+    notes: See Advisory details for mitigation instructions for MobileIron Core.
+    references:
+      - ''
+    last_updated: '2022-01-18T00:00:00'
+  - vendor: Ivanti
+    product: MobileIron Core Connector
+    cves:
+      cve-2021-4104:
         investigated: false
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - All
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
     vendor_links:
       - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
-    notes: ''
+    notes: See Advisory details for mitigation instructions for MobileIron Core Connector.
     references:
       - ''
-    last_updated: '2022-01-12T07:18:54+00:00'
+    last_updated: '2022-01-18T00:00:00'
+  - vendor: Ivanti
+    product: MobileIron Sentry (Core/Cloud)
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - '9.13'
+          - '9.14'
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
+    notes: See Advisory details for mitigation instructions for MobileIron Sentry.
+    references:
+      - ''
+    last_updated: '2022-01-18T00:00:00'
   - vendor: Jamasoftware
     product: ''
     cves:
@@ -57338,7 +57504,7 @@ software:
         fixed_versions: []
         unaffected_versions: []
       cve-2021-44228:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
@@ -57357,7 +57523,7 @@ software:
     notes: ''
     references:
       - ''
-    last_updated: '2022-01-12T07:18:54+00:00'
+    last_updated: '2022-01-18T00:00:00'
   - vendor: MathWorks
     product: MATLAB
     cves:
@@ -57387,7 +57553,7 @@ software:
     notes: ''
     references:
       - ''
-    last_updated: '2021-12-29T00:00:00'
+    last_updated: '2022-01-18T00:00:00'
   - vendor: Matillion
     product: Matillion ETL
     cves:
@@ -59699,28 +59865,31 @@ software:
     product: OptimalPlus
     cves:
       cve-2021-4104:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
       cve-2021-44228:
-        investigated: false
-        affected_versions: []
+        investigated: true
+        affected_versions:
+          - Vertica
+          - Cloudera
+          - Logstash
         fixed_versions: []
         unaffected_versions: []
       cve-2021-45046:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
       cve-2021-45105:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
     vendor_links:
       - https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html
-    notes: (Limited to deployments running Veritas, Cloudera, or Logstash) Contact
+    notes: (Limited to deployments running Vertica, Cloudera, or Logstash) Contact
       Technical Support
     references:
       - ''
@@ -59736,7 +59905,7 @@ software:
       cve-2021-44228:
         investigated: true
         affected_versions:
-          - Version >4.2
+          - '>4.2'
           - <4..2.12
         fixed_versions: []
         unaffected_versions: []
@@ -60021,35 +60190,6 @@ software:
     references:
       - ''
     last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: NI (National Instruments)
-    product: ''
-    cves:
-      cve-2021-4104:
-        investigated: false
-        affected_versions: []
-        fixed_versions: []
-        unaffected_versions: []
-      cve-2021-44228:
-        investigated: false
-        affected_versions: []
-        fixed_versions: []
-        unaffected_versions: []
-      cve-2021-45046:
-        investigated: false
-        affected_versions: []
-        fixed_versions: []
-        unaffected_versions: []
-      cve-2021-45105:
-        investigated: false
-        affected_versions: []
-        fixed_versions: []
-        unaffected_versions: []
-    vendor_links:
-      - https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html
-    notes: ''
-    references:
-      - ''
-    last_updated: '2022-01-12T07:18:54+00:00'
   - vendor: Nice Software (AWS) EnginFRAME
     product: ''
     cves:
@@ -63903,6 +64043,316 @@ software:
     references:
       - ''
     last_updated: '2021-12-15T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Admin Portal
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Asset Intelligence
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Configure
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox E-FOTA One
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Guard
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox License Management
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Manage
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions:
+          - Cloud
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions:
+          - Cloud
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Managed Services Provider (MSP)
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Mobile Enrollment
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Reseller Portal
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions:
+          - Cloud
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions:
+          - Cloud
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
   - vendor: Sangoma
     product: ''
     cves:
@@ -78033,6 +78483,36 @@ software:
     references:
       - ''
     last_updated: '2021-12-12T00:00:00'
+  - vendor: VTScada
+    product: All
+    cves:
+      cve-2021-4104:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - All
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.vtscada.com/vtscada-unaffected-by-log4j/
+    notes: Java is not utilized within VTScada software, and thus our users are unaffected.
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
   - vendor: Vyaire
     product: ''
     cves:

data/cisagov_A.yml

@@ -3705,6 +3705,36 @@ software:
     references:
       - ''
     last_updated: '2022-01-12T07:18:50+00:00'
+  - vendor: Atvise
+    product: All
+    cves:
+      cve-2021-4104:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen
+    notes: The security vulnerability does NOT affect our applications and products or pose any threat. This applies to all Bachmann applications and products, including atvise solutions.
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
   - vendor: AudioCodes
     product: ''
     cves:

data/cisagov_I.yml

@@ -6975,7 +6975,7 @@ software:
       - ''
     last_updated: '2022-01-12T07:18:54+00:00'
   - vendor: Ivanti
-    product: ''
+    product: Avalanche
     cves:
       cve-2021-4104:
         investigated: false
@@ -6983,24 +6983,154 @@ software:
         fixed_versions: []
         unaffected_versions: []
       cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - '6.2.2'
+          - '6.3.0 to 6.3.3'
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-18T00:00:00'
+  - vendor: Ivanti
+    product: Ivanti File Director
+    cves:
+      cve-2021-4104:
         investigated: false
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - '2019.1.*'
+          - '2020.1.*'
+          - '2020.3.*'
+          - '2021.1.*'
+          - '4.4.*'
+        fixed_versions:
+          - '2021.3 HF2'
+          - '2021.1 HF1'
+          - '2020.3 HF2'
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-18T00:00:00'
+  - vendor: Ivanti
+    product: MobileIron Core
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - 'All'
+        fixed_versions: []
+        unaffected_versions: []
       cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
+    notes: See Advisory details for mitigation instructions for MobileIron Core.
+    references:
+      - ''
+    last_updated: '2022-01-18T00:00:00'
+  - vendor: Ivanti
+    product: MobileIron Sentry (Core/Cloud)
+    cves:
+      cve-2021-4104:
         investigated: false
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - '9.13'
+          - '9.14'
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
       cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
+    notes: See Advisory details for mitigation instructions for MobileIron Sentry.
+    references:
+      - ''
+    last_updated: '2022-01-18T00:00:00'
+  - vendor: Ivanti
+    product: MobileIron Core Connector
+    cves:
+      cve-2021-4104:
         investigated: false
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions:
+          - 'All'
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
     vendor_links:
       - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
-    notes: ''
+    notes: See Advisory details for mitigation instructions for MobileIron Core Connector.
     references:
       - ''
-    last_updated: '2022-01-12T07:18:54+00:00'
+    last_updated: '2022-01-18T00:00:00'
 ...

data/cisagov_M.yml

@@ -548,7 +548,7 @@ software:
         fixed_versions: []
         unaffected_versions: []
       cve-2021-44228:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
@@ -567,7 +567,7 @@ software:
     notes: ''
     references:
       - ''
-    last_updated: '2022-01-12T07:18:54+00:00'
+    last_updated: '2022-01-18T00:00:00'
   - vendor: MathWorks
     product: MATLAB
     cves:
@@ -581,7 +581,7 @@ software:
         affected_versions: []
         fixed_versions: []
         unaffected_versions:
-          - All
+          - 'All'
       cve-2021-45046:
         investigated: false
         affected_versions: []
@@ -597,7 +597,7 @@ software:
     notes: ''
     references:
       - ''
-    last_updated: '2021-12-29T00:00:00'
+    last_updated: '2022-01-18T00:00:00'
   - vendor: Matillion
     product: Matillion ETL
     cves:

data/cisagov_N.yml

@@ -95,28 +95,31 @@ software:
     product: OptimalPlus
     cves:
       cve-2021-4104:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
       cve-2021-44228:
-        investigated: false
-        affected_versions: []
+        investigated: true
+        affected_versions:
+          - 'Vertica'
+          - 'Cloudera'
+          - 'Logstash'
         fixed_versions: []
         unaffected_versions: []
       cve-2021-45046:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
       cve-2021-45105:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
         unaffected_versions: []
     vendor_links:
       - https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html
-    notes: (Limited to deployments running Veritas, Cloudera, or Logstash) Contact
+    notes: (Limited to deployments running Vertica, Cloudera, or Logstash) Contact
       Technical Support
     references:
       - ''
@@ -132,8 +135,8 @@ software:
       cve-2021-44228:
         investigated: true
         affected_versions:
-          - Version >4.2
-          - <4..2.12
+          - '>4.2'
+          - '<4..2.12'
         fixed_versions: []
         unaffected_versions: []
       cve-2021-45046:
@@ -279,7 +282,7 @@ software:
         investigated: true
         affected_versions: []
         fixed_versions:
-          - 3.0.57
+          - '3.0.57'
         unaffected_versions: []
       cve-2021-45046:
         investigated: false
@@ -309,7 +312,7 @@ software:
       cve-2021-44228:
         investigated: true
         affected_versions:
-          - <7.4.3
+          - '<7.4.3'
         fixed_versions: []
         unaffected_versions: []
       cve-2021-45046:
@@ -371,7 +374,7 @@ software:
         affected_versions: []
         fixed_versions: []
         unaffected_versions:
-          - 21.04.0.5552
+          - '21.04.0.5552'
       cve-2021-45046:
         investigated: false
         affected_versions: []
@@ -417,35 +420,6 @@ software:
     references:
       - ''
     last_updated: '2022-01-12T07:18:54+00:00'
-  - vendor: NI (National Instruments)
-    product: ''
-    cves:
-      cve-2021-4104:
-        investigated: false
-        affected_versions: []
-        fixed_versions: []
-        unaffected_versions: []
-      cve-2021-44228:
-        investigated: false
-        affected_versions: []
-        fixed_versions: []
-        unaffected_versions: []
-      cve-2021-45046:
-        investigated: false
-        affected_versions: []
-        fixed_versions: []
-        unaffected_versions: []
-      cve-2021-45105:
-        investigated: false
-        affected_versions: []
-        fixed_versions: []
-        unaffected_versions: []
-    vendor_links:
-      - https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html
-    notes: ''
-    references:
-      - ''
-    last_updated: '2022-01-12T07:18:54+00:00'
   - vendor: Nice Software (AWS) EnginFRAME
     product: ''
     cves:

data/cisagov_Non-Alphabet.yml

@@ -8,31 +8,35 @@ software:
     product: All products
     cves:
       cve-2021-4104:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - '>= 1.0.0'
       cve-2021-44228:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - '>= 1.0.0'
       cve-2021-45046:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - '>= 1.0.0'
       cve-2021-45105:
-        investigated: false
+        investigated: true
         affected_versions: []
         fixed_versions: []
-        unaffected_versions: []
+        unaffected_versions:
+          - '>= 1.0.0'
     vendor_links:
       - https://support.1password.com/kb/202112/
     notes: ''
     references:
       - ''
-    last_updated: '2021-12-23T00:00:00'
+    last_updated: '2021-01-14T00:00:00'
   - vendor: 2n
     product: ''
     cves:

data/cisagov_S.yml

@@ -755,6 +755,316 @@ software:
     references:
       - ''
     last_updated: '2021-12-15T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Reseller Portal
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions:
+          - 'Cloud'
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions:
+          - 'Cloud'
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Manage
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions:
+          - 'Cloud'
+        unaffected_versions: []
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions:
+          - 'Cloud'
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Admin Portal
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Mobile Enrollment
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Configure
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Asset Intelligence
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox E-FOTA One
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Managed Services Provider (MSP)
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox Guard
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
+  - vendor: Samsung Electronics America
+    product: Knox License Management
+    cves:
+      cve-2021-4104:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45105:
+        investigated: false
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services
+    notes: ''
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
   - vendor: Sangoma
     product: ''
     cves:

data/cisagov_V.yml

@@ -2571,6 +2571,36 @@ software:
     references:
       - ''
     last_updated: '2021-12-12T00:00:00'
+  - vendor: VTScada
+    product: All
+    cves:
+      cve-2021-4104:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-44228:
+        investigated: true
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions:
+          - 'All'
+      cve-2021-45046:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+      cve-2021-45105:
+        investigated: ''
+        affected_versions: []
+        fixed_versions: []
+        unaffected_versions: []
+    vendor_links:
+      - https://www.vtscada.com/vtscada-unaffected-by-log4j/
+    notes: Java is not utilized within VTScada software, and thus our users are unaffected.
+    references:
+      - ''
+    last_updated: '2022-01-17T00:00:00'
   - vendor: Vyaire
     product: ''
     cves: