--- version: '1.0' owners: - name: cisagov url: https://github.com/cisagov/log4j-affected-db software: - vendor: WAGO product: WAGO Smart Script cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '4.2.x < 4.8.1.3' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.wago.com/de/automatisierungstechnik/psirt#log4j notes: '' references: - '' last_updated: '2021-12-17T00:00:00' - vendor: Wallarm product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://lab.wallarm.com/cve-2021-44228-mitigation-update/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wallix product: Access Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.wallix.com/fr/support/alerts/ notes: Customer Portal for patch found in advisory. This patch is available to customer only and has not been reviewed by CISA. references: - '' - vendor: Wasp Barcode technologies product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Watcher product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://twitter.com/felix_hrn/status/1470387338001977344 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: AuthPoint cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 'Cloud' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: Dimension cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: EDPR and Panda AD360 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: Firebox cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: System Manager, Dimension, and Panda AD360 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: Threat Detection and Response cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Cloud unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: Wi-Fi Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Cloud unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Western Digital product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WIBU Systems product: CodeMeter Cloud Lite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '2.2 and prior' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf notes: '' references: - '' last_updated: '2021-12-22T00:00:00' - vendor: WIBU Systems product: CodeMeter Keyring for TIA Portal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 1.30 and prior unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf notes: Only the Password Manager is affected references: - '' last_updated: '2021-12-22T00:00:00' - vendor: WildFly product: All cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '< 22' - '> 26.0.0.Final' - '>= 22' - '<= 26.0.0.Beta1' cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://www.wildfly.org/news/2021/12/13/Log4j-CVEs/ notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: LTS17 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: LTS18 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: LTS19 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: LTS21 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wind River product: WRL-6 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: WRL-7 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: WRL-8 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: WRL-9 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: WireShark product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.wireshark.org/news/20211215.html notes: '' references: - '' last_updated: '2021-12-15T07:18:50+00:00' - vendor: Wistia product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.wistia.com/incidents/jtg0dfl5l224 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WitFoo product: Precinct cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: - '6.x' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/ notes: WitFoo Streamer & Apache Kafka Docker containers are/were vulnerable. See advisory. references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WordPress product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://wordpress.org/support/topic/is-the-log4j-vulnerability-an-issue/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Worksphere product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.worksphere.com/product/security-update-on-log4j-cve-2021-44228 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wowza product: Streaming Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '4.7.8' - '4.8.x' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WSO2 product: WSO2 Enterprise Integrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.1.0 and above fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.wso2.com/pages/viewpage.action?pageId=180948677 notes: A temporary mitigation is available while vendor works on update references: - '' last_updated: '2022-01-12T07:18:50+00:00' ...