--- version: '1.0' owners: - name: cisagov url: https://github.com/cisagov/log4j-affected-db software: - vendor: WAGO product: WAGO Smart Script cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.2.x < 4.8.1.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.wago.com/de/automatisierungstechnik/psirt#log4j notes: '' references: - '' last_updated: '2021-12-17T00:00:00' - vendor: Wallarm product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://lab.wallarm.com/cve-2021-44228-mitigation-update/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wasp Barcode technologies product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WatchGuard product: Secplicity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Western Digital product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WIBU Systems product: CodeMeter Cloud Lite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.2 and prior fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf notes: '' references: - '' last_updated: '2021-12-22T00:00:00' - vendor: WIBU Systems product: CodeMeter Keyring for TIA Portal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.30 and prior fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf notes: Only the Password Manager is affected references: - '' last_updated: '2021-12-22T00:00:00' - vendor: Wind River product: LTS17 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: LTS18 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: LTS19 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: LTS21 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wind River product: WRL-6 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: WRL-7 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: WRL-8 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. references: - '' last_updated: '2022-01-21T00:00:00' - vendor: Wind River product: WRL-9 cves: cve-2021-4104: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45105: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' last_updated: '2022-01-21T00:00:00' - vendor: WireShark product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://gitlab.com/wireshark/wireshark/-/issues/17783 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wistia product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.wistia.com/incidents/jtg0dfl5l224 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WitFoo product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WordPress product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://wordpress.org/support/topic/is-the-log4j-vulnerability-an-issue/ notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Worksphere product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.worksphere.com/product/security-update-on-log4j-cve-2021-44228 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Wowza product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: WSO2 product: WSO2 Enterprise Integrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.1.0 and above fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.wso2.com/pages/viewpage.action?pageId=180948677 notes: A temporary mitigation is available while vendor works on update references: - '' last_updated: '2022-01-12T07:18:50+00:00' ...