--- version: '1.0' owners: - name: cisagov url: https://github.com/cisagov/log4j-affected-db software: - vendor: Zabbix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: ZAMMAD product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zaproxy product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zebra product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zebra.com/us/en/support-downloads/lifeguard-security/cve-2021-442280-dubbed-log4shell-or-logjam-vulnerability.html notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zeiss product: Cataract Suite cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 1.3.1 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html notes: Patch is available. references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zeiss product: EQ Workplace cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 1.6, 1.8 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html notes: Patch is available. references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zeiss product: FORUM cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 4.2.x unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html notes: Patch is available. references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zeiss product: Glaucoma Workplace cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 3.5.x unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html notes: Patch is available. references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zeiss product: Laser Treatment Workplace cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 1.x unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html notes: Patch is available. references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zeiss product: Retina Workplace cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 2.5.x, 2.6.x unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html notes: Patch is available. references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zendesk product: All Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All Versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.zendesk.com/hc/en-us/articles/4413583476122 notes: Zendesk products are all cloud-based; thus there are no updates for the customers to install as the company is working on patching their infrastructure and systems. references: - '' last_updated: '2021-12-13T00:00:00' - vendor: Zenoss product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.zenoss.com/hc/en-us notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zentera Systems, Inc. product: CoIP Access Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.zentera.net/hc/en-us/articles/4416227743511--CVE-2021-44228-Log4Shell-Vulnerability-in-Apache-Log4j notes: '' references: - '' last_updated: '2021-12-17T00:00:00' - vendor: Zerto product: Cloud Appliance cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://help.zerto.com/kb/000004822 notes: '' references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zerto product: Cloud Manager cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://help.zerto.com/kb/000004822 notes: '' references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zerto product: Virtual Manager cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://help.zerto.com/kb/000004822 notes: '' references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zerto product: Virtual Replication Appliance cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://help.zerto.com/kb/000004822 notes: '' references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zesty product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zesty.io/mindshare/company-announcements/log4j-exploit/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zimbra product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://bugzilla.zimbra.com/show_bug.cgi?id=109428 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.appriver.com/ notes: '' references: - '' last_updated: '2021-12-16T00:00:00' - vendor: Zoho product: Online cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://help.zoho.com/portal/en/community/topic/update-on-the-recent-apache-log4j-vulnerability notes: '' references: - '' last_updated: '2021-02-01T00:00:00' - vendor: Zoom product: '' cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: ZPE systems Inc product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.zpesystems.com/portal/en/kb/articles/is-nodegrid-os-and-zpe-cloud-affected-by-cve-2021-44228-apache-log4j notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zscaler product: See Link (Multiple Products) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://trust.zscaler.com/posts/9581 notes: '' references: - '' last_updated: '2021-12-15T00:00:00' - vendor: Zyxel product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zyxel.com/support/Zyxel_security_advisory_for_Apache_Log4j_RCE_vulnerability.shtml notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Zyxel product: All other products cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability notes: '' references: - '' last_updated: '2021-12-14T00:00:00' - vendor: Zyxel product: Netlas Element Management System (EMS) cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: - '' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability notes: Hotfix availibility Dec. 20 2021. Patch availability in end of Feb. 2022. references: - '' last_updated: '2021-12-14T00:00:00' - vendor: Zyxel product: Security Firewall/Gateways cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - ZLD Firmware Security Services - Nebula cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' vendor_links: - https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability notes: '' references: - '' last_updated: '2021-12-14T00:00:00' ...