--- version: '1.0' software: - vendor: 1Password product: All products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.1password.com/kb/202112/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: 2n product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.2n.com/cs_CZ/novinky/produkty-2n-neohrozuje-zranitelnost-cve-2021-44228-komponenty-log4j-2 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: 3CX product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.3cx.com/community/threads/log4j-vulnerability-cve-2021-44228.86436/#post-407911 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: 3M Health Information Systems product: CGS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.3mhis.com/app/account/updates/ri/5210 notes: This advisory is available to customer only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: 7-Zip product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sourceforge.net/p/sevenzip/discussion/45797/thread/b977bbd4d1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: ABB product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://search.abb.com/library/Download.aspx?DocumentID=9ADB012621&LanguageCode=en&DocumentPartId=&Action=Launch notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: ABB product: ABB Remote Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - ABB Remote Platform (RAP) fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: ABB product: AlarmInsight Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - AlarmInsight KPI Dashboards 1.0.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: ABB product: B&R Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - See Vendor Advisory fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Abbott product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.abbott.com/policies/cybersecurity/apache-Log4j.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Abnormal Security product: Abnormal Security cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://abnormalsecurity.com/blog/attackers-use-email-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Accellence product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.accellence.de/en/articles/national-vulnerability-database-62 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Accellion product: Kiteworks cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - v7.6 release unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/ notes: '"As a precaution, Kiteworks released a 7.6.1 Hotfix software update to address the vulnerability. This patch release adds the mitigation for CVE-2021-44228 contained in the Solr package as recommended by Apache Solr group. Specifically, it updates the Log4j library to a non-vulnerable version on CentOS 7 systems as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true” to disable the possible attack vector on both CentOS 6 and CentOS 7."' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Acquia product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Acronis product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security-advisory.acronis.com/advisories/SEC-3859 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: ActiveState product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.activestate.com/blog/activestate-statement-java-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Adaptec product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://ask.adaptec.com/app/answers/detail/a_id/17523/kw/log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Addigy product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://addigy.com/blog/addigy-and-apaches-log4j2-cve-2021-44228-status/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Adeptia product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation- notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Adobe ColdFusion product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: ADP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFAS Software product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.afas.nl/vraagantwoord/NL/SE/120439.htm notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANsuite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 8.0.7 - 8.4.3 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://afhcan.org/support.aspx notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANServer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 8.0.7 - 8.4.3 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://afhcan.org/support.aspx notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANcart cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 8.0.7 - 8.4.3 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://afhcan.org/support.aspx notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANweb cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 8.0.7 - 8.4.3 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://afhcan.org/support.aspx notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANmobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 8.0.7 - 8.4.3 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://afhcan.org/support.aspx notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AFHCAN Global LLC product: AFHCANupdate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 8.0.7 - 8.4.3 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://afhcan.org/support.aspx notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Agilysys product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Advanced Systems Concepts (formally Jscape) product: Active MFT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.advsyscon.com/hc/en-us/articles/4413631831569 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Advanced Systems Concepts (formally Jscape) product: MFT Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.advsyscon.com/hc/en-us/articles/4413631831569 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Advanced Systems Concepts (formally Jscape) product: MFT Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.advsyscon.com/hc/en-us/articles/4413631831569 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Advanced Systems Concepts (formally Jscape) product: MFT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.advsyscon.com/hc/en-us/articles/4413631831569 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Akamai product: SIEM Splunk Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://splunkbase.splunk.com/app/4310/ notes: v1.4.11 is the new recommendation for mitigation of log4j vulnerabilities references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Alcatel product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://dokuwiki.alu4u.com/doku.php?id=log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Alertus product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Alexion product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://alexion.nl/blog/alexion-crm-niet-vatbaar-voor-log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Alfresco product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://hub.alfresco.com/t5/alfresco-content-services-blog/cve-2021-44228-related-to-apache-log4j-security-advisory/ba-p/310717 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AlienVault product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://success.alienvault.com/s/article/are-USM-Anywhere-or-USM-Central-vulnerable-to-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Alphatron Medical product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.alphatronmedical.com/home.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: Athena cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: AWS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Linux 1 - '2' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: 'Notes: Amazon Linux 1 had aws apitools which were Java based but these were deprecated in 2015 [AWS Forum](https://forums.aws.amazon.com/thread.jspa?threadID=323611). AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2 and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Amazon product: AWS API Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Amazon product: AWS CloudHSM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 3.4.1. fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: AWS Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: Vendors recommend evaluating components of the environment outside of the Amazon Connect service boundary, which may require separate/additional customer mitigation references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: Amazon product: AWS Lambda cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Unknown fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: AWS DynamoDB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Amazon product: AWS ElastiCache cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Amazon product: AWS Inspector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Amazon product: AWS RDS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified in CVE-2021-44228 references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Amazon product: AWS S3 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Amazon product: AWS SNS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: Amazon SNS systems that serve customer traffic are patched against the Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate separately from SNS’s systems that serve customer traffic references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Amazon product: AWS SQS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Amazon product: AWS EKS, ECS, Fargate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Unknown fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: To help mitigate the impact of the open-source Apache “Log4j2" utility (CVE-2021-44228 and CVE-2021-45046) security issues on customers’ containers, Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch will require customer opt-in to use, and disables JNDI lookups from the Log4J2 library in customers’ containers. These updates are available as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS, and will be in supported AWS Fargate platform versions references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Amazon product: AWS ELB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Amazon product: AWS Kinesis Data Stream cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Unknown fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: We are actively patching all sub-systems that use Log4j2 by applying updates. The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library (KPL) are not impacted. For customers using KCL 1.x, we have released an updated version and we strongly recommend that all KCL version 1.x customers upgrade to KCL version 1.14.5 (or higher) references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Amazon product: AWS Lambda cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Unknown fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: CloudFront cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: CloudWatch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: EC2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Amazon Linux 1 & 2 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Amazon product: ELB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: KMS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: OpenSearch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Unknown fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: RDS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: Route 53 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: S3 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: Translate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/translate/ notes: Service not identified on [AWS Log4j Security Bulletin](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Amazon product: VPC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AMD product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034 notes: Currently, no AMD products have been identified as affected. AMD is continuing its analysis. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Anaconda product: Anaconda cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 4.10.3 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.conda.io/projects/conda/en/latest/index.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Apache product: ActiveMQ Artemis cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://activemq.apache.org/news/cve-2021-44228 notes: ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17 is included in the Hawtio-based web console application archive (i.e. [web/console.war/WEB-INF/lib](web/console.war/WEB-INF/lib)). Although this version of Log4j is not impacted by CVE-2021-44228 future versions of Artemis will be updated so that the Log4j jar is no longer included in the web console application archive. See [ARTEMIS-3612](https://issues.apache.org/jira/browse/ARTEMIS-3612) for more information on that task. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Apache product: Airflow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/apache/airflow/tree/main/airflow notes: Airflow is written in Python references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apache product: Camel cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.14.1.3.11.5 - 3.7.7 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://camel.apache.org/blog/2021/12/log4j2/ notes: Apache Camel does not directly depend on Log4j 2, so we are not affected by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own applications, make sure to upgrade.Apache Camel does use log4j during testing itself, and therefore you can find that we have been using log4j v2.13.3 release in our latest LTS releases Camel 3.7.6, 3.11.4. references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Apache product: Camel Quarkus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://camel.apache.org/blog/2021/12/log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Apache product: Camel K cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://camel.apache.org/blog/2021/12/log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Apache product: CamelKafka Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://camel.apache.org/blog/2021/12/log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Apache product: Camel Karaf cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://camel.apache.org/blog/2021/12/log4j2/ notes: The Karaf team is aware of this and are working on a new Karaf 4.3.4 release with updated log4j. references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Apache product: Camel JBang cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <=3.1.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://camel.apache.org/blog/2021/12/log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Apache product: Camel 2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://camel.apache.org/blog/2021/12/log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Apache product: Druid cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < druid 0.22.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/apache/druid/releases/tag/druid-0.22.1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Apache product: Flink cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < 1.14.2 - 1.13.5 - 1.12.7 - 1.11.6 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://flink.apache.org/2021/12/10/log4j-cve.html notes: 'To clarify and avoid confusion: The 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5 releases, which were supposed to only contain a Log4j upgrade to 2.15.0, were skipped because CVE-2021-45046 was discovered during the release publication. The new 1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade for Log4j to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046.' references: - '[https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html](https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html)' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Apache product: Kafka cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kafka.apache.org/cve-list notes: The current DB lists Apache Kafka as impacted. Apache Kafka uses Log4jv1, not v2. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Apache product: Kafka cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Unknown fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://logging.apache.org/log4j/2.x/security.html notes: Only vulnerable in certain configuration(s) references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apache product: Log4j cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 2.15.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://logging.apache.org/log4j/2.x/security.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apache product: Solr cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 7.4.0 to 7.7.3 - 8.0.0 to 8.11.0 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 notes: Update to 8.11.1 or apply fixes as described in Solr security advisory references: - '[Apache Solr 8.11.1 downloads](https://solr.apache.org/downloads.html)' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Apache product: Struts 2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - Versions before 2.5.28.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://struts.apache.org/announce-2021 notes: The Apache Struts group is pleased to announce that Struts 2.5.28.1 is available as a “General Availability” release. The GA designation is our highest quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by using the latest Log4j 2.12.2 version (Java 1.7 compatible). references: - '[Apache Struts Release Downloads](https://struts.apache.org/download.cgi#struts-ga)' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Apache product: Tomcat cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - 9.0.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tomcat.apache.org/security-9.html notes: Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications deployed on Apache Tomcat may have a dependency on log4j. You should seek support from the application vendor in this instance. It is possible to configure Apache Tomcat 9.0.x to use log4j 2.x for Tomcat's internal logging. This requires explicit configuration and the addition of the log4j 2.x library. Anyone who has switched Tomcat's internal logging to log4j 2.x is likely to need to address this vulnerability. In most cases, disabling the problematic feature will be the simplest solution. Exactly how to do that depends on the exact version of log4j 2.x being used. Details are provided on the [log4j 2.x security page](https://logging.apache.org/log4j/2.x/security.html) references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Apereo product: CAS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.3.x & 6.4.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://apereo.github.io/2021/12/11/log4j-vuln/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apereo product: Opencast cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 9.10 - < 10.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Application Performance Ltd product: DBMarlin cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - Not Affected fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Apigee product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.apigee.com/incidents/3cgzb0q2r10p notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Apollo product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.apollographql.com/t/log4j-vulnerability/2214 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Appdynamics product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Appeon product: PowerBuilder cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Appeon PowerBuilder 2017-2021 regardless of product edition fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: AppGate product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.appgate.com/blog/appgate-sdp-unaffected-by-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Appian product: Appian Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.appian.com/support/w/kb/2511/kb-2204-information-about-the-log4j2-security-vulnerabilities-cve-2021-44228-cve-2021-45046 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Application Performance Ltd product: DBMarlin cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: APPSHEET product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Aptible product: Aptible cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - ElasticSearch 5.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: APC by Schneider Electric product: Powerchute Business Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - v9.5 - v10.0.1 - v10.0.2 - v10.0.3 - v10.0.4 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345 notes: Mitigation instructions to remove the affected class. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: APC by Schneider Electric product: Powerchute Network Shutdown cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '4.2' - '4.3' - '4.4' - 4.4.1 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345 notes: Mitigation instructions to remove the affected class. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Aqua Security product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Arbiter Systems product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.arbiter.com/news/index.php?id=4403 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Arca Noae product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.arcanoae.com/apache-log4j-vulnerability-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Arcserve product: Arcserve Backup cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.storagecraft.com/s/article/Log4J-Update notes: '' references: - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Arcserve product: Arcserve Continuous Availability cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.storagecraft.com/s/article/Log4J-Update notes: '' references: - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Arcserve product: Arcserve Email Archiving cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.storagecraft.com/s/article/Log4J-Update notes: '' references: - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Arcserve product: Arcserve UDP cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 6.5-8.3 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.storagecraft.com/s/article/Log4J-Update notes: '' references: - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Arcserve product: ShadowProtect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.storagecraft.com/s/article/Log4J-Update notes: '' references: - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Arcserve product: ShadowXafe cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.storagecraft.com/s/article/Log4J-Update notes: '' references: - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Arcserve product: Solo cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.storagecraft.com/s/article/Log4J-Update notes: '' references: - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Arcserve product: StorageCraft OneXafe cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.storagecraft.com/s/article/Log4J-Update notes: '' references: - '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: ArcticWolf product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://arcticwolf.com/resources/blog/log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Arduino product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Ariba product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://connectsupport.ariba.com/sites#announcements-display&/Event/908469 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Arista product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Aruba Networks product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://asp.arubanetworks.com/notifications/Tm90aWZpY2F0aW9uOjEwMTQ0;notificationCategory=Security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Ataccama product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ataccama.com/files/log4j2-vulnerability-cve-2021-44228-fix.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atera product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.reddit.com/r/atera/comments/rh7xb1/apache_log4j_2_security_advisory_update/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Bamboo Server & Data Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html notes: This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Bitbucket Server & Data Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html notes: This product is not vulnerable to remote code execution but may leak information due to the bundled Elasticsearch component being vulnerable. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Confluence Server & Data Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html notes: This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Crowd Server & Data Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html notes: This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Crucible cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html notes: This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Fisheye cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html notes: This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Atlassian product: Jira Server & Data Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html notes: This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Attivo networks product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AudioCodes product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://services.audiocodes.com/app/answers/kbdetail/a_id/2225 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Autodesk product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html notes: Autodesk is continuing to perform a thorough investigation in relation to the recently discovered Apache Log4j security vulnerabilities. We continue to implement several mitigating factors for our products including patching, network firewall blocks, and updated detection signatures to reduce the threat of this vulnerability and enhance our ability to quickly respond to potential malicious activity. We have not identified any compromised systems in the Autodesk environment due to this vulnerability, at this time. This is an ongoing investigation and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview). references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Automox product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.automox.com/log4j-critical-vulnerability-scores-a-10 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Autopsy product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.autopsy.com/autopsy-and-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Auvik product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.auvik.com/incidents/58bfngkz69mj notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Avantra SYSLINK product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Avaya product: Avaya Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '3.5' - '3.6' - 3.6.1 - '3.7' - '4' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura for OneCloud Private cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: Avaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Application Enablement Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.1.3.2 - 8.1.3.3 - '10.1' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '[PSN020551u](https://download.avaya.com/css/public/documents/101079386)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Contact Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 7.0.2 - 7.0.3 - '7.1' - 7.1.1 - 7.1.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Device Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '8' - '8.1' - 8.1.4 - 8.1.5 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Media Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.0.0 - 8.0.1 - 8.0.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '[PSN020549u](https://download.avaya.com/css/secure/documents/101079316)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Presence Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '10.1' - 7.1.2 - '8' - 8.0.1 - 8.0.2 - '8.1' - 8.1.1 - 8.1.2 - 8.1.3 - 8.1.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Session Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '10.1' - 7.1.3 - '8' - 8.0.1 - '8.1' - 8.1.1 - 8.1.2 - 8.1.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '[PSN020550u](https://download.avaya.com/css/public/documents/101079384)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® System Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '10.1' - 8.1.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '[PSN005565u](https://download.avaya.com/css/secure/documents/101079390)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Web Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.11[P] - 3.8.1[P] - 3.8[P] - 3.9.1 [P] - 3.9[P] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Breeze™ cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '3.7' - '3.8' - 3.8.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Contact Center Select cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 7.0.2 - 7.0.3 - '7.1' - 7.1.1 - 7.1.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya CRM Connector - Connected Desktop cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '2.2' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Device Enablement Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.1.22 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Meetings cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 9.1.10 - 9.1.11 - 9.1.12 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya one cloud private -UCaaS - Mid Market Aura cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '1' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya OneCloud-Private cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '2' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Session Border Controller for Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.0.1 - '8.1' - 8.1.1 - 8.1.2 - 8.1.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '[PSN020554u](https://download.avaya.com/css/public/documents/101079394)' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Social Media Hub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Workforce Engagement cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '5.3' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Business Rules Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '3.4' - '3.5' - '3.6' - '3.7' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Callback Assist cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '5' - 5.0.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Control Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 9.0.2 - 9.0.2.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Device Enrollment Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '3.1' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Equinox™ Conferencing cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 9.1.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Interaction Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 7.3.9 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: IP Office™ Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 11.0.4 - '11.1' - 11.1.1 - 11.1.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Proactive Outreach Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.1.2 - 3.1.3 - '4' - 4.0.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Avaya product: Avaya Aura® Device Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.0.1 - 8.0.2 - 8.1.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: AVEPOINT product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.avepoint.com/company/java-zero-day-vulnerability-notification notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AVM product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AvTech RoomAlert product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://avtech.com/articles/23124/java-exploit-room-alert-link/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AWS New product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AXON product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.axon.com/s/trust/response-to-log4j2-vuln?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: AXS Guard product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: Axways Applications product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.axway.com/news/1331/lang/en notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:26+00:00' - vendor: B&R Industrial Automation product: APROL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Baxter product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BackBox product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Balbix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Baramundi Products product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Barco product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.barco.com/en/support/knowledge-base/kb12495 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Barracuda product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.barracuda.com/company/legal/trust-center notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BBraun product: Outlook® Safety Infusion System Pump family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BBraun product: Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® Space® Infusion cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BBraun product: Pump, SpaceStation, and Space® Wireless Battery) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BBraun product: DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BBraun product: Pinnacle® Compounder cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BBraun product: APEX® Compounder cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: Arctic Sun™ Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD Diabetes Care App Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD HealthSight™ Clinical Advisor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD HealthSight™ Data Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD HealthSight™ Diversion Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD HealthSight™ Infection Advisor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD HealthSight™ Inventory Optimization Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD HealthSight™ Medication Safety cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD Knowledge Portal for Infusion Technologies cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD Knowledge Portal for Medication Technologies cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD Knowledge Portal for BD Pyxis™ Supply cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD Synapsys™ Informatics Solution cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: BD product: BD Veritor™ COVID At Home Solution Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Beckman Coulter product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Beijer Electronics product: acirro+ cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Beijer Electronics product: BFI frequency inverters cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Beijer Electronics product: BSD servo drives cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Beijer Electronics product: CloudVPN cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Beijer Electronics product: FnIO-G and M Distributed IO cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Beijer Electronics product: iX Developer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Beijer Electronics product: Nexto modular PLC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Beijer Electronics product: Nexto Xpress compact controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Beijer Electronics product: WARP Engineering Studio cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: BioMerieux product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.biomerieux.com/en/cybersecurity-data-privacy notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Bender product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bender.de/en/cert notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BeyondTrust product: Privilege Management Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: BeyondTrust product: Privilege Management Reporting in BeyondInsight cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '21.2' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: BeyondTrust product: Secure Remote Access appliances cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: BeyondTrust Bomgar product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BisectHosting product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BitDefender product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BitNami By VMware product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.bitnami.com/general/security/security-2021-12-10/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BitRise product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.bitrise.io/post/bitrises-response-to-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Bitwarden product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bitwarden.com/t/log4j-log4shell-cve-is-bitwarden-affected-due-to-docker-image/36177/2 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Biztory product: Fivetran cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.biztory.com/blog/apache-log4j2-vulnerability notes: '' references: - Vendor review indicated Fivetran is not vulnerable to Log4j2 reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Black Kite product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blackkite.com/log4j-rce-vulnerability-log4shell-puts-millions-at-risk/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Blancco product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.blancco.com/display/NEWS/2021/12/12/CVE-2021-44228+-+Critical+vulnerability+in+Apache+Log4j+library notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Blumira product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.blumira.com/cve-2021-44228-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Bladelogic Database Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC AMI Ops cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC AMI Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Compuware cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Automation Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Business Workflows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Client Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Cloud Cost cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Cloud Security cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix CMDB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Continuous Optimization cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Control-M cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Digital Workplace cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Discovery cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix ITSM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Knowledge Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Operations Management with AIOps cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Remediate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Remediate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Remedyforce cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: BMC Helix Virtual Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Cloud Lifecycle Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Control-M cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Footprints cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: MainView Middleware Administrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: MainView Middleware Monitor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Remedy ITSM (IT Service Management) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: SmartIT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: Track-It! cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Automation for Networks cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Automation for Servers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Capacity Optimization cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Infrastructure Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Operations Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BMC product: TrueSight Orchestration cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Boston Scientific product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Bosch product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://bosch-iot-suite.com/news/apache-log4j-rce-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Box product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.box.com/boxs-statement-recent-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Brainworks product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.brainworks.de/log4j-exploit-kerio-connect-workaround/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: BrightSign product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://brightsign.atlassian.net/wiki/spaces/DOC/pages/370679198/Security+Statement+Log4J+Meltdown+and+Spectre+Vulnerabilities#SecurityStatement%3ALog4J%2CMeltdownandSpectreVulnerabilities-JavaApacheLog4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Advanced Secure Gateway (ASG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Automic Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://knowledge.broadcom.com/external/article?articleId=230308 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: BCAAA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: CA Advanced Authentication cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '9.1' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: CA Risk Authentication cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: CA Strong Authentication cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Cloud Workload Protection (CWP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Cloud Workload Protection for Storage (CWP:S) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: CloudSOC Cloud Access Security Broker (CASB) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Content Analysis (CA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Critical System Protection (CSP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Data Center Security (DCS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Data Loss Prevention (DLP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Email Security Service (ESS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Ghost Solution Suite (GSS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: HSM Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Industrial Control System Protection (ICSP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Integrated Cyber Defense Manager (ICDm) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Integrated Secure Gateway (ISG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: IT Management Suite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Layer7 API Developer Portal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Layer7 API Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Layer7 Mobile API Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Management Center (MC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: PacketShaper (PS) S-Series cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: PolicyCenter (PC) S-Series cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Privileged Access Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Privileged Access Manager Server Control cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Privileged Identity Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: ProxySG cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Reporter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Secure Access Cloud (SAC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Security Analytics (SA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: SiteMinder (CA Single Sign-On) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: SSL Visibility (SSLV) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Control Compliance Suite (CCS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Directory cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Detection and Response (EDR) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Encryption (SEE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Protection (SEP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Protection (SEP) for Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Endpoint Protection Manager (SEPM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '14.3' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Identity Governance and Administration (IGA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Mail Security for Microsoft Exchange (SMSMSE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Messaging Gateway (SMG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec PGP Solutions cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Protection Engine (SPE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Symantec Protection for SharePoint Servers (SPSS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: VIP cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: VIP Authentication Hub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Web Isolation (WI) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: Web Security Service (WSS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Broadcom product: WebPulse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: C4b XPHONE product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.c4b.com/de/news/log4j.php notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Campbell Scientific product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://s.campbellsci.com/documents/us/miscellaneous/log4j2-vulnerability.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: Camunda product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Canary Labs product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://helpcenter.canarylabs.com/t/83hjjk0/log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Canon product: CT Medical Imaging Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Canon product: MR Medical Imaging Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Canon product: UL Medical Imaging Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Canon product: XR Medical Imaging Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Canon product: NM Medical Imaging Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Canon product: Vitrea Advanced 7.x cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Canon product: Infinix-i (Angio Workstation) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Canon product: Alphenix (Angio Workstation) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: CapStorm product: Copystorm cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: CarbonBlack product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Carestream product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.carestream.com/en/us/services-and-support/cybersecurity-and-privacy notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: CAS genesisWorld product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cato Networks product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.catonetworks.com/blog/cato-networks-rapid-response-to-the-apache-log4j-remote-code-execution-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cepheid product: C360 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.cepheid.com/en_US/legal/product-security-updates notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Cepheid product: GeneXpert cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.cepheid.com/en_US/legal/product-security-updates notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Cerberus FTP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Chaser Systems product: discrimiNAT Firewall cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: CloudGuard cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportcontent.checkpoint.com/solutions?id=sk176865 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: Harmony Endpoint & Harmony Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportcontent.checkpoint.com/solutions?id=sk176865 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: Infinity Portal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportcontent.checkpoint.com/solutions?id=sk176865 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: Quantum Security Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportcontent.checkpoint.com/solutions?id=sk176865 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: Quantum Security Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportcontent.checkpoint.com/solutions?id=sk176865 notes: Where used, uses the 1.8.0\_u241 version of the JRE that protects against this attack by default. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: SMB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportcontent.checkpoint.com/solutions?id=sk176865 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Check Point product: ThreatCloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportcontent.checkpoint.com/solutions?id=sk176865 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: CheckMK product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.checkmk.com/t/checkmk-not-affected-by-log4shell/28643/3 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Ciphermail product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ciphermail.com/blog/ciphermail-gateway-and-webmail-messenger-are-not-vulnerable-to-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: CircleCI product: CircleCI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.circleci.com/t/circleci-log4j-information-cve-2021-4422 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: CIS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2434301961 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: AppDynamics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Common Services Platform Collector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Network Services Orchestrator (NSO) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco System Architecture Evolution Gateway (SAEGW) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco ACI Multi-Site Orchestrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco ACI Virtual Edge cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Adaptive Security Appliance (ASA) Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Advanced Web Security Reporting Application cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco AMP Virtual Private Cloud Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco AnyConnect Secure Mobility Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Application Policy Infrastructure Controller (APIC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco ASR 5000 Series Routers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Broadcloud Calling cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco BroadWorks cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Catalyst 9800 Series Wireless Controllers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco CloudCenter Suite Admin cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco CloudCenter Workload Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Cognitive Intelligence cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Computer Telephony Integration Object Server (CTIOS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Connected Grid Device Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:27+00:00' - vendor: Cisco product: Cisco Connected Mobile Experiences cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Connectivity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Contact Center Domain Manager (CCDM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Contact Center Management Portal (CCMP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Crosswork Change Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco CX Cloud Agent Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Data Center Network Manager (DCNM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Defense Orchestrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco DNA Assurance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco DNA Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco DNA Spaces cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: DUO network gateway (on-prem/self-hosted) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Elastic Services Controller (ESC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Emergency Responder cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Enterprise Chat and Email cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Enterprise NFV Infrastructure Software (NFVIS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Evolved Programmable Network Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Extensible Network Controller (XNC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Finesse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Firepower Management Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Firepower Threat Defense (FTD) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco GGSN Gateway GPRS Support Node cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco HyperFlex System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Identity Services Engine (ISE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Integrated Management Controller (IMC) Supervisor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Intersight cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Intersight Virtual Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IOS and IOS XE Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IoT Operations Dashboard cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IOx Fog Director cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco IP Services Gateway (IPSG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Kinetic for Cities cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco MDS 9000 Series Multilayer Switches cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Meeting Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco MME Mobility Management Entity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Modeling Labs cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Network Assessment (CNA) Tool cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Network Assurance Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Network Convergence System 2000 Series cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Network Planner cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 5500 Platform Switches cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 5600 Platform Switches cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 6000 Series Switches cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 7000 Series Switches cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus Dashboard (formerly Cisco Application Services Engine) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus Data Broker cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Nexus Insights cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Optical Network Planner cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Packaged Contact Center Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Paging Server (InformaCast) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Paging Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco PDSN/HA Packet Data Serving Node and Home Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco PGW Packet Data Network Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Policy Suite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Central for Service Providers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Collaboration Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Collaboration Provisioning cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Infrastructure cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime License Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Network cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Optical for Service Providers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Provisioning cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Prime Service Catalog cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Registered Envelope Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 1000 Series Routers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 2000 Series Routers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge 5000 Series Routers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vEdge Cloud Router Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SD-WAN vManage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Secure Network Analytics (SNA), formerly Stealthwatch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco SocialMiner cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco TelePresence Management Suite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco UCS Director cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco UCS Performance Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Umbrella cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Advanced cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Business Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Department Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Enterprise Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Attendant Console Premium Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Communications Manager Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise - Live Data server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Contact Center Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Contact Center Express cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified Intelligent Contact Management Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Unified SIP Proxy Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Video Surveillance Operations Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Virtualized Voice Browser cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Vision Dynamic Signage Director cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco WAN Automation Engine (WAE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Web Security Appliance (WSA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Webex Cloud-Connected UC (CCUC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Webex Meetings Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Webex Teams cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Cisco Wide Area Application Services (WAAS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Duo cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: duo network gateway (on-prem/self-hosted) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Exony Virtualized Interaction Manager (VIM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cisco product: Managed Services Accelerator (MSX) Network Access Control Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Citrix product: Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All Platforms cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Application Delivery Management (NetScaler MAS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All Platforms cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Cloud Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Connector Appliance for Cloud Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Content Collaboration (ShareFile Integration) – Citrix Files for Windows, Citrix Files for Mac, Citrix Files for Outlook cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Endpoint Management (Citrix XenMobile Server) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: 'For CVE-2021-44228 and CVE-2021-45046: Impacted–Customers are advised to apply the latest CEM rolling patch updates listed below as soon as possible to reduce the risk of exploitation. [XenMobile Server 10.14 RP2](https://support.citrix.com/article/CTX335763); [XenMobile Server 10.13 RP5](https://support.citrix.com/article/CTX335753); and [XenMobile Server 10.12 RP10](https://support.citrix.com/article/CTX335785). Note: Customers who have upgraded their XenMobile Server to the updated versions are recommended not to apply the responder policy mentioned in the blog listed below to the Citrix ADC vserver in front of the XenMobile Server as it may impact the enrollment of Android devices. For CVE-2021-45105: Investigation in progress.' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Hypervisor (XenServer) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix License Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix SD-WAN cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All Platforms cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: ShareFile Storage Zones Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Virtual Apps and Desktops (XenApp & XenDesktop) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: 'IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046: Customers are advised to apply the latest update as soon as possible to reduce the risk of exploitation. [Linux Virtual Delivery Agent 2112](https://www.citrix.com/downloads/citrix-virtual-apps-and-desktops/components/linux-vda-2112.html). See the [Citrix Statement](https://support.citrix.com/article/CTX335705) for additional mitigations. For CVE-2021-45105: Investigation has shown that Linux VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30, released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED: Linux VDA LTSR all versions; All other CVAD components.' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Citrix product: Citrix Workspace App cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All Platforms cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.citrix.com/article/CTX335705 notes: Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Claris product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.claris.com/s/article/CVE-2021-44228-Apache-Log4j-Vulnerability-and-Claris-products?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: AM2CM Tool cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Ambari cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only versions 2.x - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Arcadia Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only version 7.1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDH, HDP, and HDF cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only version 6.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDP Operational Database (COD) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDP Private Cloud Base cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only version 7.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDS 3 Powered by Apache Spark cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: CDS 3.2 for GPUs cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Cybersecurity Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Engineering (CDE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Flow (CFM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Science Workbench (CDSW) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only versions 2.x - 3.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Visualization (CDV) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Data Warehouse (CDW) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera DataFlow (CDF) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Edge Management (CEM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only version 6.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Flow Management (CFM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Machine Learning (CML) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only versions 7.0.x - 7.1.x - 7.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Manager (Including Backup Disaster Recovery (BDR)) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only versions 7.0.x - 7.1.x - 7.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Stream Processing (CSP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Cloudera Streaming Analytics (CSA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Data Analytics Studio (DAS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Data Catalog cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Data Lifecycle Manager (DLM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Data Steward Studio (DSS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Hortonworks Data Flow (HDF) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Hortonworks Data Platform (HDP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Only versions 7.1.x - 2.7.x - 2.6.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Hortonworks DataPlane Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Management Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Management Console for CDP Public Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Replication Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: SmartSense cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Workload Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Workload XM (SaaS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudera product: Workload XM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: CloudFlare product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudian HyperStore product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloudian-support.force.com/s/article/SECURITY-Cloudian-HyperStore-Log4j-vulnerability-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudogu product: Ecosystem cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.cloudogu.com/t/security-vulnerability-log4shell-cve-2021-44228/417 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudogu product: SCM-Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://scm-manager.org/blog/posts/2021-12-13-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cloudron product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.cloudron.io/topic/6153/log4j-and-log4j2-library-vulnerability?lang=en-US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Clover product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.clover.com/articles/35868/apache-log4j-vulnerability-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Code42 product: Code42 App cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 8.8.1 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://success.code42.com/hc/en-us/articles/4416158712343-RELEASE-NOTIFICATION-Code42-Vulnerability-Mitigation-for-CVE-2021-44228-and-other-updates notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Code42 product: Crashplan cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '8.8' - possibly prior versions unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://success.code42.com/hc/en-us/articles/4416158712343-RELEASE-NOTIFICATION-Code42-Vulnerability-Mitigation-for-CVE-2021-44228-and-other-updates notes: I think, they don't specify in the notice, but we know that they released an updated Crashplan client. Possibly prior versions affected. references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: CodeBeamer product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://codebeamer.com/cb/wiki/19872365 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Codesys product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.codesys.com/news-events/news/article/log4j-not-used-in-codesys.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Cohesity product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.cohesity.com/s/article/Security-Advisory-Apache-Log4j-Remote-Code-Execution-RCE-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: CommVault product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://documentation.commvault.com/v11/essential/146231_security_vulnerability_and_reporting.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Concourse product: Concourse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/concourse/concourse/discussions/7887 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: ConcreteCMS.com product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.concretecms.com/about/blog/security/concrete-log4j-zero-day-exploit notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: Confluent product: Confluent Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - N/A unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <7.0.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent for Kubernetes cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent Kafka Connectors cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent ElasticSearch Sink Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <11.1.7 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent Google DataProc Sink Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <1.1.5 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent Splunk Sink Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <2.05 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent HDFS 2 Sink Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <10.1.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent HDFS 3 Sink Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <1.1.8 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Confluent product: Confluent VMWare Tanzu GemFire Sink Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <1.0.8 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Connect2id product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://connect2id.com/blog/connect2id-server-12-5-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: ConnectWise product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.connectwise.com/company/trust/advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:28+00:00' - vendor: ContrastSecurity product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.contrastsecurity.com/hc/en-us/articles/4412612486548 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: ControlUp product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.controlup.com/incidents/qqyvh7b1dz8k notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: COPADATA product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.copadata.com/en/support-services/knowledge-base-faq/pare-products-in-the-zenon-product-family-affect-4921/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: CouchBase product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: CPanel product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Cradlepoint product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Crestron product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.crestron.com/Security/Security_Advisories/Apache-Log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: CrushFTP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.crushftp.com/download.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: CryptShare product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.cryptshare.com/en/support/cryptshare-support/#c67572 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: CyberArk product: Privileged Threat Analytics (PTA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - N/A unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cyberark-customers.force.com/s/article/Critical-Vulnerability-CVE-2021-44228 notes: '' references: - This advisory is available to customers only and has not been reviewed by CISA. reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Cybereason product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: CyberRes product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.microfocus.com/cyberres/b/sws-22/posts/summary-of-cyberres-impact-from-log4j-or-logshell-logjam-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: DarkTrace product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://customerportal.darktrace.com/inside-the-soc/get-article/201 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Dassault Systèmes product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Databricks product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.google.com/document/d/e/2PACX-1vREjwZk17BAHGwj5Phizi4DPFS9EIUbAMX-CswlgbFwqwKXNKZC8MrT-L6wUgfIChsSHtvd_QD3-659/pub notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Datadog product: Datadog Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '>=6.17.0' - <=6.32.2 - '>=7.17.0' - <=7.32.2 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.datadoghq.com/log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Dataminer product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.dataminer.services/responding-to-log4shell-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Datev product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.datev-community.de/t5/Freie-Themen/Log4-J-Schwachstelle/m-p/258185/highlight/true#M14308 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Datto product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.datto.com/blog/dattos-response-to-log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: dCache.org product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dcache.org/post/log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Debian product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security-tracker.debian.org/tracker/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Deepinstinct product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.deepinstinct.com/blog/log4shell-cve-2021-44228-what-you-need-to-know notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Dell product: Alienware Command Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Alienware OC Controls cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Alienware On Screen Display cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Alienware Update cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Atmos cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Azure Stack HCI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: CalMAN Powered Calibration Firmware cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: CalMAN Ready for Dell cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Centera cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Chameleon Linux Based Diagnostics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Chassis Management Controller (CMC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: China HDD Deluxe cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Cloud Mobility for Dell EMC Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Cloud Tiering Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Connectrix (Cisco MDS 9000 switches) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Connextrix B Series cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: CyberSecIQ Application cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: CyberSense for PowerProtect Cyber Recovery cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell BSAFE Crypto-C Micro Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell BSAFE Crypto-J cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell BSAFE Micro Edition Suite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Calibration Assistant cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Cinema Color cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Cloud Command Repository Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Cloud Management Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Color Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Command Configure cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Command Integration Suite for System Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Command Intel vPro Out of Band cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Command Monitor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Command Power Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Command PowerShell Provider cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Command Update cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Customer Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Data Guardian* cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Data Protection* cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Data Recovery Environment cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Data Vault cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Data Vault for Chrome OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Deployment Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Digital Delivery cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Direct USB Key cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Display Manager 1.5 for Windows / macOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Display Manager 2.0 for Windows / macOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC AppSync cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Cloudboost cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC CloudLink cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Container Storage Modules cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Data Computing Appliance (DCA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Data Protection Advisor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC DataIQ cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Disk Library for Mainframe cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC GeoDrive cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Isilon InsightIQ cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC License Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Networking Onie cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC OpenManage Ansible Modules cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC OpenManage integration for Splunk cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC OpenManage Integration for VMware vCenter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC OpenManage Management pack for vRealize Operations cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: '"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerPath cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerPath Management Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerProtect Cyber Recovery cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerScale OneFS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerShell for PowerMax cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerShell for Powerstore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerShell for Unity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: '"Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC"' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerVault ME4 Series Storage Arrays cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerVault MD3 Series Storage Arrays cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Repository Manager (DRM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC SourceOne cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Systems Update (DSU) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Unisphere 360 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Virtual Storage Integrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC VPLEX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC XtremIO cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Encryption Enterprise* cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Encryption Personal* cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Endpoint Security Suite Enterprise* cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Hybrid Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell ImageAssist cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Insights Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Linux Assistant cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Mobile Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Monitor ISP (Windows/Mac/Linux) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Monitor SDK cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Networking X-Series cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Open Manage Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Open Manage Server Administrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell OpenManage Change Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell OpenManage Enterprise Power Manager Plugin cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Optimizer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell OS Recovery Tool cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Peripheral Manager 1.4 / 1.5 for Windows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Platform Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Power Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Power Manager Lite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Precision Optimizer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Precision Optimizer for Linux cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Premier Color cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Recovery (Linux) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Remediation Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Remote Execution Engine (DRONE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Security Advisory Update - DSA-2021-088 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Security Management Server & Dell Security Management Server Virtual* cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell SupportAssist SOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Thin OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Threat Defense cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell True Color cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Trusted Device cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Update cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dream Catcher cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: DUP Creation Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: DUP Framework (ISG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Embedded NAS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Embedded Service Enabler cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Equallogic PS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Fluid FS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: iDRAC Service Module (iSM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Infinity MLK (firmware) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Integrated Dell Remote Access Controller (iDRAC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: ISG Accelerators cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: ISG Board & Electrical cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: IsilonSD Management Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: IVE-WinDiag cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Mainframe Enablers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: My Dell cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: MyDell Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: NetWorker Management Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Networking BIOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Networking DIAG cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Networking N-Series cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Networking OS 10 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Networking OS9 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Networking SD-WAN Edge SD-WAN cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Networking W-Series cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Networking X-Series cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OMIMSSC (OpenManage Integration for Microsoft System Center) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OMNIA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OpenManage Connections - Nagios cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OpenManage Connections - ServiceNow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OpenManage Integration for Microsoft System Center for System Center Operations Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OpenManage Integration with Microsoft Windows Admin Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OpenManage Network Integration cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: PowerConnect N3200 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: PowerConnect PC2800 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: PowerConnect PC8100 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: PowerEdge BIOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: PowerEdge Operating Systems cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: PowerTools Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: PPDM Kubernetes cProxy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: PPDM VMware vProxy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Redtail cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Remotely Anywhere cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Riptide (firmware) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Rugged Control Center (RCC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SD ROM Utility cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SDNAS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Server Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Smart Fabric Storage Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SmartByte cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SMI-S cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Software RAID cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Solutions Enabler cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Solutions Enabler vApp cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Sonic cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SRS VE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Storage Center OS and additional SC applications unless otherwise noted cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SupportAssist Client Commercial cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SupportAssist Client Consumer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: UCC Edge cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Unisphere for PowerMax cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Unisphere for PowerMax vApp cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Unisphere for VMAX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Unisphere for VNX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Update Manager Plugin cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: ViPR Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VNX1 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VNX2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VPLEX VS2/VS6 / VPLEX Witness cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Vsan Ready Nodes cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Warnado MLK (firmware) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Wyse Proprietary OS (ThinOS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Wyse Windows Embedded Suite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: APEX Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - N/A unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Cloud environment patched references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: APEX Data Storage Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Cloud environment patch in progress references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Cloud IQ cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Cloud environment patched references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Connectrix (Cisco MDS DCNM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/23/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Connectrix B-Series SANnav cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.1.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 3/31/2022 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Data Domain OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Versions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-274 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Avamar cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"18.2 19.1 19.2 19.3 19.4"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/20/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC BSN Controller Node cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-305 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Cloud Disaster Recovery cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - N/A fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Data Protection Central cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021- 269 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Data Protection Search cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Versions before 19.5.0.7 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-279 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC ECS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/18/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Enterprise Hybrid Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '[link](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Enterprise Storage Analytics for vRealize Operations cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"<6.0.0 6.1.0 6.2.x"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-278 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Integrated System for Azure Stack HCI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - N/A fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '"Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI monitor the following advisories. Apply workaround guidance and remediations as they become [available:](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228)' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Integrated System for Microsoft Azure Stack Hub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - N/A fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC NetWorker Virtual Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"19.5.x 19.4.x 19.3.x"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/20/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC NetWorker Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"19.5.x 19.4.x 19.3.x"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/20/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Networking Virtual Edge Platform with VersaOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"with Versa Concerto with Versa Analytics with Versa Concero Director"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-304 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerFlex Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"All versions up to Intelligent Catalog 38_356_00_r10.zip All versions up to Intelligent Catalog 38_362_00_r7.zip"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerFlex Software (SDS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerFlex Rack cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - N/A fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerProtect Data Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions 19.9 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerProtect DP Series Appliance (iDPA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.7.0 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC PowerStore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/23/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC RecoverPoint for Virtual Machine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All 5.0.x and later versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC RecoverPoint Classic cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All 5.1.x and later versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC SRM vApp cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Versions before 4.6.0.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 1/25/2022 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Streaming Data Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/18/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Unity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/29/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Metro Node cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 7.0.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-308 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC VxRail cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"4.5.x 4.7.x 7.0.x"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell Open Management Enterprise - Modular cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <1.40.10 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-268 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: DellEMC OpenManage Enterprise Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/20/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: OpenManage Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/19/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Ruckus SmartZone 300 Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-303 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Ruckus SmartZone 100 Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-303 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Dell EMC Ruckus Virtual Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-303 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Secure Connect Gateway (SCG) Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-282 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Secure Connect Gateway (SCG) Policy Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"5.00.00.10 5.00.05.10"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-281 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SRS Policy Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '7' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Storage Center - Dell Storage Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: SupportAssist Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/23/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Unisphere Central cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 1/10/2022 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Vblock cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch pending See vce6771 (requires customer login) references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VNXe 1600 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Versions 3.1.16.10220572 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/19/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VNXe 3200 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Version 3.1.15.10216415 and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/19/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VxBlock cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: '"Patch pending See vce6771 (requires customer login) "' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Various fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-300 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRO Plugin for Dell EMC PowerMax cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Version 1.2.3 or earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-300 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRO Plugin for Dell EMC PowerScale cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Version 1.1.0 or earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-300 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRO Plugin for Dell EMC PowerStore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Version 1.1.4 or earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-300 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRO Plugin for Dell EMC Unity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Version 1.0.6 or earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-300 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRO Plugin for Dell EMC XtremIO cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Version 4.1.2 or earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-300 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRealize Data Protection Extension Data Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/19/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: vRealize Data Protection Extension for vRealize Automation (vRA) 8.x cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"version 19.6 version 19.7 version 19.8 and version 19.9"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/19/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VMware vRealize Automation 8.x cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"8.2 8.3 8.4 8.5 and 8.6"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/19/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: VMware vRealize Orchestrator 8.x cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '"8.2 8.3 8.4 8.5 and 8.6"' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: Patch expected by 12/19/21 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Dell product: Wyse Management Suite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <3.5 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability notes: See DSA-2021-267 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Deltares product: Delft-FEWS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '>2018.02' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://publicwiki.deltares.nl/display/FEWSDOC/Delft-FEWS+and+Log4J+vulnerability notes: Mitigations Only references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Denequa product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://denequa.de/log4j-information.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Device42 product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.device42.com/2021/12/13/log4j-zero-day/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Devolutions product: All products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Diebold Nixdorf product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dieboldnixdorf.com/en-us/apache notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Digi International product: CTEK G6200 family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: CTEK SkyCloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: CTEK Z45 family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi 54xx family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi 63xx family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi AnywhereUSB (G2) family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi AnywhereUSB Plus family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Connect family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Connect EZ family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Connect IT family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi ConnectPort family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi ConnectPort LTS family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Connect Sensor family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Connect WS family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Embedded Android cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Embedded Yocto cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi EX routers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi IX routers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi LR54 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi One family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Passport family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi PortServer TS family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi TX routers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi WR11 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi WR21 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi WR31 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi WR44R/RR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi WR54 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi WR64 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: AnywhereUSB Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Aview cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: ARMT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: AVWOB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Navigator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Remote Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Digi Xbee mobile app cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Lighthouse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Realport cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digi International product: Remote Hub Config Utility cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.digi.com/resources/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Digicert product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://knowledge.digicert.com/alerts/digicert-log4j-response.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Digital AI product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: DNSFilter product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Docker product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Docusign product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: DrayTek product: Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: DSpace product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Dynatrace product: Managed cluster nodes cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ notes: Please see Dynatrace Communication for details references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace product: SAAS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace product: FedRamp SAAS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace product: Synthetic public locations cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace product: Synthetic Private ActiveGate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ notes: Please see Dynatrace Communication for details references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace product: ActiveGate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace product: OneAgent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Dynatrace product: Dynatrace Extensions cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/ notes: Please see Dynatrace Communication for details references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: EasyRedmine product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.easyredmine.com/news/easy-redmine-application-is-not-affected-by-the-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Eaton product: Undisclosed cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Undisclosed fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf notes: Doesn't openly disclose what products are affected or not for quote 'security purposes'. Needs email registration. No workaround provided due to registration wall. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: EclecticIQ product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Eclipse Foundation product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://wiki.eclipse.org/Eclipse_and_log4j2_vulnerability_(CVE-2021-44228) notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: EFI product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://communities.efi.com/s/article/Are-Fiery-Servers-vulnerable-to-CVE-2021-44228-Apache-Log4j2?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: EGroupware product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.egroupware.org/t/uk-de-statement-log4j-log4shell/76430 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Elastic product: APM Java Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: APM Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Beats cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Cmd cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Cloud Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Cloud Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Cloud on Kubernetes cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Endgame cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elastic Maps Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Elasticsearch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '5' - '6' - '8' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Endpoint Security cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Enterprise Search cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Fleet Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Kibana cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Logstash cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <6.8.21 - <7.16.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Machine Learning cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Elastic product: Swiftype cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: ElasticSearch product: all products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:29+00:00' - vendor: Ellucian product: Banner Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Colleague cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: On-prem and cloud deployements expect fixed 12/18/2021 references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Admin cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Enterprise Identity Services(BEIS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Banner Integration for eLearning cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Banner Integration for eProcurement cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Banner Workflow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Banner Document Management (includes Banner Document Retention) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Advance Web Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian eTranscripts cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Solution Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Banner Event Publisher cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Banner Self Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Colleague Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: CRM Advance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: CRM Advise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: CRM Recruit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Data Access cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Design Path cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian ePrint cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Ethos API & API Management Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Ethos Extend cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Ethos Integration cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Experience cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Intelligent Platform (ILP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian International Student and Scholar Management (ISSM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Message Service (EMS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Messaging Adapter (EMA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Payment Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Ellucian Portal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian Workflow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Ellucian product: Ellucian PowerCampus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ellucian.com/news/ellucian-response-apache-log4j-issue notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: K-Series Coriolis Transmitters cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Prolink Configuration Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Prolink Mobile Application & ProcessViz Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 4732 Endeavor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Vortex and Magmeter Transmitters cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: USM 3410 and 3810 Series Ultrasonic Transmitters cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Mark III Gas and Liquid USM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Flarecheck FlowCheck Flowel & PWAM software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: MPFM2600 & MPFM5726 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: DHNC1 DHNC2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: WCM SWGM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Fieldwatch and Service consoles cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 5726 Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Plantweb Advisor for Metrology and Metering Suite SDK cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle Monitor' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: K-Series Coriolis Transmitters cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Prolink Configuration Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Prolink Mobile Application & ProcessViz Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 4732 Endeavor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Vortex and Magmeter Transmitters cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: USM 3410 and 3810 Series Ultrasonic Transmitters cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Mark III Gas and Liquid USM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Flarecheck FlowCheck Flowel & PWAM software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: MPFM2600 & MPFM5726 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: DHNC1 DHNC2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: WCM SWGM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Fieldwatch and Service consoles cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 5726 Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Plantweb Advisor for Metrology and Metering Suite SDK cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD)' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle Monitor' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Incus Ultrasonic gas leak detector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Liquid Transmitters: 5081 1066 1056 1057 56' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 'Combustion: OCX OXT 6888 CX1100 6888Xi' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Spectrex family Flame Detectors and Rosemount 975 flame detector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT4400 QCL General Purpose Continuous Gas Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT5400 QCL General Purpose Continuous Gas Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT5100 QCL Field Housing Continuous Gas Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT5800 QCL Flameproof Housing Continuous Gas Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT4215 QCL Packaging Leak Detection System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT2211 QCL Aerosol Microleak Detection System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT4404 QCL pMDI Leak Detection Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT4000 QCL Marine OEM Gas Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: CT3000 QCL Automotive OEM Gas Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 3051 & 3051S Pressure transmitter families cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 2051 Pressure Transmitter Family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 4088 Pressure Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 2088 Pressure Transmitter Family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 2090F/2090P Pressure Transmitters cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 4600 Pressure Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 215 Pressure Sensor Module cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 550 PT Pressure Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 326P Pressure Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 3144P Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 644 Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 848T Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 148 Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 248 Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 326T Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 327T Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 648 Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 4088 Upgrade Utility cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Engineering Assistant 5.x & 6.x cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: 248 Configuration Application cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount IO-Link Assistant cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount TankMaster and TankMaster Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount RadarMaster and RadarMaster Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount Radar Configuration Tool cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount 2460 System Hub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount 2410 Tank Hub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount 3490 Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount 2230 Graphical Field Display cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount 2240S Multi-input Temperature Transmitter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount CMS/SCU 51/SCC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount CMS/WSU 51/SWF 51 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount CMS/IOU 61 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount Radar Level Gauges (Pro 39xx 59xx) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount Tank Radar Gauges (TGUxx) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Rosemount Level Detectors (21xx) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Emerson product: Emerson Aperio software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: EnterpriseDT product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://enterprisedt.com/blogs/announcements/enterprisedt-does-not-use-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: ESET product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.eset.com/en/alert8188-information-regarding-the-log4j2-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: ESRI product: ArcGIS Data Store cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: ESRI product: ArcGIS Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: ESRI product: ArcGIS GeoEvent Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: ESRI product: ArcGIS Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: ESRI product: ArcGIS Workflow Manager Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: ESRI product: Portal for ArcGIS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ notes: Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Estos product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.estos.de/de/sicherheitshinweise/estos-von-kritischer-schwachstelle-in-log4j-cve-2021-44228-nicht-betroffen notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Evolveum Midpoint product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://evolveum.com/midpoint-not-vulnerable-to-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Ewon product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/release-notes/ecatcher_releasenotes.txt?sfvrsn=4f054ad7_42 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Exabeam product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.exabeam.com/s/discussions?t=1639379479381 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Exact product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.exact.com/news/general-statement-apache-leak notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Exivity product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.exivity.com/getting-started/releases/announcements#announcement-regarding-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: ExtraHop product: Reveal(x) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <=8.4.6 - <=8.5.3 - <=8.6.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.extrahop.com/t/extrahop-update-on-log4shell/8148 notes: Versions >8.4.7, >8.5.4, >8.6.5 and >=8.7 are fixed. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: eXtreme Hosting product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://extremehosting.nl/log4shell-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Extreme Networks product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://extremeportal.force.com/ExtrArticleDetail?an=000100806 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Extron product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.extron.com/featured/Security-at-Extron/extron-security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Elements Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.f-secure.com/common-business-en/kb/articles/9226-the-log4j-vulnerability-cve-2021-44228-which-f-secure-products-are-affected-what-it-means-what-steps-should-you-take notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Endpoint Proxy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 13-15 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.f-secure.com/incidents/sk8vmr0h34pd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Messaging Security Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.f-secure.com/common-business-en/kb/articles/9226-the-log4j-vulnerability-cve-2021-44228-which-f-secure-products-are-affected-what-it-means-what-steps-should-you-take notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Policy Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 13-15 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.f-secure.com/incidents/sk8vmr0h34pd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F-Secure product: Policy Manager Proxy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 13-15 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.f-secure.com/incidents/sk8vmr0h34pd notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: BIG-IP (all modules) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 11.x - 16.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: BIG-IQ Centralized Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 7.x-8.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: F5OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: Traffix SDC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 5.x (5.2.0 CF1 - 5.1.0 CF-30 - 5.1.0 CF-33) fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: 'Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + Kibana), Element Management System' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - R19 - R25 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Open Source cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Unit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX App Protect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Ingress Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.x - 2.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Instance Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: F5 product: NGINX Service Mesh cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.f5.com/csp/article/K19026212 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FAST LTA product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.fast-lta.de/en/log4j2-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fastly product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FedEx product: Ship Manager Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - Unknown fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fedex.com/en-us/shipping/ship-manager/software.html#tab-4 notes: 'Note: FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative.' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Fiix product: Fiix CMMS Core cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - v5 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 notes: The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: FileCap product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://mailchi.mp/3f82266e0717/filecap-update-version-511 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FileCatalyst product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.filecatalyst.com/index.php/Knowledgebase/Article/View/advisory-log4j-zero-day-security-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FileCloud product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.getfilecloud.com/supportdocs/display/cloud/Advisory+2021-12-2+Impact+of+Apache+Log4j2+Vulnerability+on+FileCloud+Customers notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FileWave product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.filewave.com/display/KB/Security+Notice:+Apache+log4j+Vulnerability+CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FINVI product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://finvi.com/support/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FireDaemon product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.firedaemon.com/support/solutions/articles/4000178630 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fisher & Paykel Healthcare product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fphcare.com/us/our-company/contact-us/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Flexagon product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://flexagon.com/what-is-the-impact-of-log4j-vulnerability-cve-2021-44228-on-flexdeploy/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Flexera product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.flexera.com/t5/Community-Notices/Flexera-s-response-to-Apache-Log4j-2-remote-code-execution/ba-p/216934 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: DLP Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: Forcepoint Cloud Security Gateway (CSG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: Next Generation Firewall (NGFW) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: One Endpoint cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forcepoint product: Security Manager (Web, Email and DLP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Forescout product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: ForgeRock product: Autonomous Identity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://backstage.forgerock.com/knowledge/kb/book/b21824339#1_bzBa notes: all other ForgeRock products Not vulnerable references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAIOps cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAnalyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAnalyzer Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAP cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiAuthenticator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiCASB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiConvertor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiDeceptor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiEDR Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiEDR Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiGate Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiGSLB Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiMail cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiManager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiManager Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiNAC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiNAC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiOS (includes FortiGate & FortiWiFi) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiPhish Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiPolicy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiPortal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiRecorder cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiSIEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiSOAR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiSwicth Cloud in FortiLANCloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiSwitch & FortiSwitchManager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiToken Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiVoice cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: FortiWeb Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fortinet product: ShieldX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.fortiguard.com/psirt/FG-IR-21-245 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FTAPI product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ftapi.com/blog/kritische-sicherheitslucke-in-log4j-ftapi-reagiert/# notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Fujitsu product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: FusionAuth product: FusionAuth cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '1.32' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: GE Digital product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://digitalsupport.ge.com/communities/en_US/Alert/GE-Security-Advisories notes: This advisory is available to customers only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: GE Digital Grid product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://digitalenergy.service-now.com/csm?id=kb_category&kb_category=b8bc715b879c89103f22a93e0ebb3585 notes: This advisory is available to customers only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: GE Gas Power product: Baseline Security Center (BSC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf notes: Vulnerability to be fixed by vendor provided workaround. No user actions necessary. Contact GE for details. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: GE Gas Power product: Baseline Security Center (BSC) 2.0 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf notes: Vulnerability to be fixed by vendor provided workaround. No user actions necessary. Contact GE for details references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: GE Gas Power product: Asset Performance Management (APM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf notes: GE verifying workaround. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: GE Gas Power product: Control Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf notes: The Control Server is Affected via vCenter. There is a fix for vCenter. Please see below. GE verifying the vCenter fix as proposed by the vendor. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: GE Gas Power product: Tag Mapping Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2021-12-21_Log4J_Vulnerability-GE_Gas_Power_Holding_Statement.pdf notes: Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: GE Healthcare product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://securityupdate.gehealthcare.com notes: This advisory is not available at the time of this review, due to maintence on the GE Healthcare website. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Gearset product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Genesys product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: GeoServer product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - http://geoserver.org/announcements/2021/12/13/logj4-rce-statement.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Gerrit code review product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gerritcodereview.com/2021-12-13-log4j-statement.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: GFI product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Ghidra product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Gigamon product: Fabric Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <5.13.01.02 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.gigamon.com/gigamoncp/s/my-gigamon notes: Updates available via the Gigamon Support Portal. This advisory available to customers only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: GitHub product: GitHub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - GitHub.com and GitHub Enterprise Cloud unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: GitLab product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.gitlab.com/t/cve-2021-4428/62763 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Globus product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://groups.google.com/a/globus.org/g/discuss/c/FJK0q0NoUC4 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: GoAnywhere product: MFT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 6.8.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps notes: '' references: - '' reporter: cisagov last_updated: '2021-12-18T00:00:00' - vendor: GoAnywhere product: Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 2.8.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps notes: '' references: - '' reporter: cisagov last_updated: '2021-12-18T00:00:00' - vendor: GoAnywhere product: MFT Agents cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 1.6.5 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps notes: '' references: - '' reporter: cisagov last_updated: '2021-12-18T00:00:00' - vendor: GoCD product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gocd.org/2021/12/14/log4j-vulnerability.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Google Cloud product: AI Platform Data Labeling cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AI Platform Neural Architecture Search (NAS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AI Platform Training and Prediction cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Access Transparency cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Actifio cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos Config Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos Hub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos Identity Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos Premium Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos Service Mesh cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Anthos on VMWare cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds to their VMware products as they become available. We also recommend customers review their respective applications and workloads affected by the same vulnerabilities and apply appropriate patches. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Apigee cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not used and therefore the VMs were not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution. It is possible that customers may have introduced custom resources that are using vulnerable versions of Log4j. We strongly encourage customers who manage Apigee environments to identify components dependent on Log4j and update them to the latest version. Visit the Apigee Incident Report for more information. references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Google Cloud product: App Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage App Engine environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AppSheet cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At this time, we have identified no impact to core AppSheet functionality. Additionally, we have patched one Java-based auxiliary service in our platform. We will continue to monitor for affected services and patch or remediate as required. If you have any questions or require assistance, contact AppSheet Support. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Artifact Registry cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Assured Workloads cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AutoML cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AutoML Natural Language cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AutoML Tables cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AutoML Translation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AutoML Video cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: AutoML Vision cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: BigQuery cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: BigQuery Data Transfer Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: BigQuery Omni cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: BigQuery Omni, which runs on AWS and Azure infrastructure, does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We continue to work with AWS and Azure to assess the situation. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Binary Authorization cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Certificate Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Chronicle cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Asset Inventory cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Bigtable cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Cloud Build cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Build environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud CDN cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Composer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible that customers may have imported or introduced other dependencies via DAGs, installed PyPI modules, plugins, or other services that are using vulnerable versions of Log4j 2. We strongly encourage customers, who manage Composer environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Google Cloud product: Cloud Console App cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud DNS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Data Loss Prevention cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Debugger cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Deployment Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Endpoints cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud External Key Manager (EKM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Functions cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Functions environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Harware Security Module (HSM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Intrusion Detection System (IDS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Interconnect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Key Management Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Load Balancing cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Logging cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Network Address Translation (NAT) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Natural Language API cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Profiler cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Router cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Run cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Run for Anthos cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run for Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud SDK cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud SQL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Cloud Scheduler cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Shell cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Shell environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Source Repositories cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Spanner cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Cloud Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Tasks cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Trace cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Traffic Director cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Translation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud VPN cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Cloud Vision cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Cloud Vision OCR On-Prem cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: CompilerWorks cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Compute Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Compute Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine, we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes to Google Cloud VMware Engine as they become available. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Contact Center AI (CCAI) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Contact Center AI Insights cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Container Registry cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Data Catalog cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Data Catalog has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers who introduced their own connectors to identify dependencies on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Data Fusion cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Data Fusion does not use Log4j 2, but uses Dataproc as one of the options to execute pipelines. Dataproc released new images on December 18, 2021 to address the vulnerability in CVE-2021-44228 and CVE-2021-45046. Customers must follow instructions in a notification sent on December 18, 2021 with the subject line “Important information about Data Fusion.” references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Database Migration Service (DMS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Dataflow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: 'Dataflow does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. If you have changed dependencies or default behavior, it is strongly recommended you verify there is no dependency on vulnerable versions Log4j 2. Customers have been provided details and instructions in a notification sent on December 17, 2021 with the subject line “Update #1 to Important information about Dataflow.”' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Google Cloud product: Dataproc cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Dataproc released new images on December 18, 2021 to address the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. Customers must follow the instructions in notifications sent on December 18, 2021 with the subject line “Important information about Dataproc” with Dataproc documentation. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Dataproc Metastore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Dataproc Metastore has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent two notifications with instructions on December 17, 2021 with the subject line “Important information regarding Log4j 2 vulnerability in your gRPC-enabled Dataproc Metastore.” references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Datastore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Datastream cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Dialogflow Essentials (ES) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Document AI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Event Threat Detection cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Eventarc cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Filestore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Log4j 2 is contained within the Filestore service; there is a technical control in place that mitigates the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. Log4j 2 will be updated to the latest version as part of the scheduled rollout in January 2022. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Firebase cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Firestore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Game Servers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Google Cloud Armor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Google Cloud Armor Managed Protection Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Google Cloud VMware Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: We are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes as they become available. references: - '' reporter: cisagov last_updated: '2021-12-11T00:00:00' - vendor: Google Cloud product: Google Kubernetes Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Google Kubernetes Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Google Kubernetes Engine environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Healthcare Data Engine (HDE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Human-in-the-Loop AI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: IoT Core cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Key Access Justifications (KAJ) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Looker cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: \Looker-hosted instances have been updated to a Looker version with Log4j v2.16. Looker is currently working with third-party driver vendors to evaluate the impact of the Log4j vulnerability. As Looker does not enable logging for these drivers in Looker-hosted instances, no messages are logged. We conclude that the vulnerability is mitigated. We continue to actively work with the vendors to deploy a fix for these drivers. Looker customers who self-manage their Looker instances have received instructions through their technical contacts on how to take the necessary steps to address the vulnerability. Looker customers who have questions or require assistance, please visit Looker Support. references: - '' reporter: cisagov last_updated: '2021-12-18T00:00:00' - vendor: Google Cloud product: Media Translation API cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Memorystore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Migrate for Anthos cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Migrate for Compute Engine (M4CE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: M4CE has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. M4CE has been updated to version 4.11.9 to address the vulnerabilities. A notification was sent to customers on December 17, 2021 with subject line “Important information about CVE-2021-44228 and CVE-2021-45046” for M4CE V4.11 or below. If you are on M4CE v5.0 or above, no action is needed. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Google Cloud product: Network Connectivity Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Network Intelligence Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Network Service Tiers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Persistent Disk cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Pub/Sub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Google Cloud product: Pub/Sub Lite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Pub/Sub Lite environments to identify components dependent on Log4j 2 and update them to the latest version. references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Google Cloud product: reCAPTCHA Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Recommendations AI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Retail Search cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Risk Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Secret Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Security Command Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Service Directory cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Service Infrastructure cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Speaker ID cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Speech-to-Text cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Speech-to-Text On-Prem cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Storage Transfer Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Talent Solution cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Text-to-Speech cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Transcoder API cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Transfer Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Video Intelligence API cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Virtual Private Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Google Cloud product: Web Security Scanner cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Google Cloud product: Workflows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.google.com/log4j2-security-advisory notes: Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Gradle product: Gradle cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.gradle.org/log4j-vulnerability notes: Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:30+00:00' - vendor: Gradle product: Gradle Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 2021.3.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.gradle.com/advisory/2021-11 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gradle product: Gradle Enterprise Build Cache Node cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 10.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.gradle.com/advisory/2021-11 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gradle product: Gradle Enterprise Test Distribution Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 1.6.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.gradle.com/advisory/2021-11 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Grafana product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Grandstream product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Access Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.10.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Access Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.5.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: API Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.10.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: API Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.5.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Alert Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.5.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Alert Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.4.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee product: Cockpit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 1.4.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravitee.io product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Gravwell product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Graylog product: Graylog Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions >= 1.2.0 and <= 4.2.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.graylog.org/post/graylog-update-for-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: GreenShot product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://greenshot.atlassian.net/browse/BUG-2871 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: GSA product: Cloud.gov cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cloud.gov/2021/12/14/log4j-buildpack-updates/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Guidewire product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HAProxy product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.haproxy.com/blog/december-2021-log4shell-mitigation/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HarmanPro AMX product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.harmanpro.com/apache-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Boundary cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Consul cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Consul Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Nomad cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Nomad Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Packer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Terraform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Terraform Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Vagrant cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Vault cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Vault Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HashiCorp product: Waypoint cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HCL Software product: BigFix Compliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 2.0.1 - 2.0.4 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 notes: Not Affected for related CVE-2021-45046 references: - '[Forum post with more specifics](https://forum.bigfix.com/t/bigfix-compliance-has-a-remediation-for-log4j-vulnerability-cve-2021-44228/40197)' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: HCL Software product: BigFix Insights cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 notes: Not Affected for related CVE-2021-45046 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: HCL Software product: BigFix Insights for Vulnerability Remediation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 notes: Not Affected for related CVE-2021-45046 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: HCL Software product: BigFix Inventory cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < 10.0.7 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 notes: Not Affected for related CVE-2021-45046 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: HCL Software product: BigFix Lifecycle cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 notes: Not Affected for related CVE-2021-45046 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: HCL Software product: BigFix Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 notes: Not Affected for related CVE-2021-45046 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: HCL Software product: BigFix Patch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 notes: Not Affected for related CVE-2021-45046 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: HelpSystems Clearswift product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.helpsystems.com/kb-nav/kb-article/?id=37becc1c-255c-ec11-8f8f-6045bd006687 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HENIX product: Squash TM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 1.21.7 - 1.22.9 - 2.0.3 - 2.1.5 - 2.2.0 - 3.0.2 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tm-en.doc.squashtest.com/v3/downloads.html#download-previous-versions notes: '' references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: Hexagon product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Hikvision product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Hitachi Energy product: eSOMS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hitachienergy.com/offering/solutions/cybersecurity/alerts-and-notifications notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Hitachi Vantara product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://knowledge.hitachivantara.com/Support_Information/Hitachi_Vantara_Security_Advisories/CVE-2021-44228_-_Apache_Log4j2 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Honeywell product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: HP product: Teradici Cloud Access Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < v113 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hp.com/us-en/document/ish_5268006-5268030-16 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: HP product: Teradici EMSDK cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < 1.0.6 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hp.com/us-en/document/ish_5268006-5268030-16 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: HP product: Teradici Management Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < 21.10.3 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hp.com/us-en/document/ish_5268006-5268030-16 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: HP product: Teradici PCoIP Connection Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < 21.03.6 - < 20.07.4 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hp.com/us-en/document/ish_5268006-5268030-16 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: HP product: Teradici PCoIP License Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hp.com/us-en/document/ish_5268006-5268030-16 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: HPE product: 3PAR StoreServ Arrays cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: AirWave Management Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Alletra 6000 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Alletra 9k cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba Central cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba ClearPass Policy Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba ClearPass Policy Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba Instant (IAP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba Location Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba NetEdit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba PVOS Switches cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba SDN VAN Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba User Experience Insight (UXI) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Aruba VIA Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: ArubaOS-CX switches cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: ArubaOS-S switches cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: ArubaOS SD-WAN Controllers and Gateways cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: ArubaOS Wi-Fi Controllers and Gateways cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: BladeSystem Onboard Administrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Brocade 16Gb Fibre Channel SAN Switch for HPE Synergy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Brocade 16Gb SAN Switch for HPE BladeSystem c-Class cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Brocade 32Gb Fibre Channel SAN Switch for HPE Synergy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Brocade Network Advisor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: CloudAuth cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: CloudPhysics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Compute Cloud Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Compute operations manager- FW UPDATE SERVICE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: COS (Cray Operating System) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Cray Systems Management (CSM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Custom SPP Portal [Link](https://spp.hpe.com/custom) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Data Services Cloud Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Harmony Data Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HOP public services (grafana, vault, rancher, Jenkins) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE B-series SN2600B SAN Extension Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE B-series SN4000B SAN Extension Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE B-series SN6000B Fibre Channel Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE B-series SN6500B Fibre Channel Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE B-series SN6600B Fibre Channel Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE B-series SN6650B Fibre Channel Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE B-series SN6700B Fibre Channel Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Customer Experience Assurance (CEA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Hardware Support Manager plug-in for VMware vSphere Lifecycle Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Home Location Register (HLR/I-HLR) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Infosight for Servers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Integrated Home Subscriber Server (I-HSS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Intelligent Messaging (IM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Intelligent Network Server (INS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Multimedia Services Environment (MSE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE OC Convergent Communications Platform (OCCP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE OC Media Platform Media Resource Function (OCMP-MRF) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE OC Service Access Controller (OC SAC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE OC Service Controller (OCSC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE OC Universal Signaling Platform (OC-USP-M) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE OneView cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE OneView for VMware vRealize Operations (vROps) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE OneView Global Dashboard cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Performance Cluster Manager (HPCM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Performance Manager (PM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Position Determination Entity (PDE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Secure Identity Broker (SIB) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Service Activator (SA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Service Governance Framework (SGF) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Service Orchestration Manager (SOM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Service Provisioner (SP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Short Message Point-to-Point Gateway (SMPP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Slingshot cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Smart Interaction Server (SIS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE SN3000B Fibre Channel Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE SN8000B 4-Slot SAN Director Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE SN8000B 8-Slot SAN Backbone Director Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE SN8600B 4-Slot SAN Director Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE SN8600B 8-Slot SAN Director Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE SN8700B 4-Slot Director Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE SN8700B 8-Slot Director Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Subscriber, Network, and Application Policy (SNAP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Subscription Manager (SM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Synergy Image Streamer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Systems Insight Manager (SIM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Telecom Application Server (TAS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Unified Correlation and Automation (UCA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Unified Mediation Bus (UMB) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Unified OSS Console (UOC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Unified Topology Manager (UTM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Universal Identity Repository (VIR) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Universal SLA Manager (uSLAM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Virtual Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Virtual Connect Enterprise Manager (VCEM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Virtual Provisioning Gateway (vPGW) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Virtual Server Environment (VSE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: HPE Virtual Subscriber Data Management (vSDM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE WebRTC Gateway Controller (WGW) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: HPE product: HPE Wi-Fi Authentication Gateway (WauG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Insight Cluster Management Utility (CMU) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Integrated Lights-Out (iLO) Amplifier Pack cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Integrated Lights-Out 4 (iLO 4) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '4' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Integrated Lights-Out 5 (iLO 5) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '5' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Integrity BL860c, BL870c, BL890c cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Integrity Rx2800/Rx2900 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Integrity Superdome 2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Integrity Superdome X cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Intelligent Provisioning cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: iSUT integrated smart update tool cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Maven Artifacts (Atlas) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: MSA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: NetEdit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Nimble Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: NS-T0634-OSM CONSOLE TOOLS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: NS-T0977-SCHEMA VALIDATOR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: OfficeConnect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Primera Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: RepoServer part of OPA (on Premises aggregator) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Resource Aggregator for Open Distributed Infrastructure Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: RESTful Interface Tool (iLOREST) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: SAT (System Admin Toolkit) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Scripting Tools for Windows PowerShell (HPEiLOCmdlets) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: SGI MC990 X Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: SGI UV 2000 Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: SGI UV 300, 300H, 300RL, 30EX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: SGI UV 3000 Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: SN8700B 8-Slot Director Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: StoreEasy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: StoreEver CVTL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: StoreEver LTO Tape Drives cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: StoreEver MSL Tape Libraries cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: StoreOnce cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: SUM (Smart Update Manager) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Superdome Flex 280 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: Superdome Flex Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HPE product: UAN (User Access Node) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us notes: 'Support Communication Cross Reference ID: SIK7387' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: HOLOGIC product: Advanced Workflow Manager (AWM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Unifi Workspace cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Faxitron CT Specimen Radiography System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: While the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation. Please contact Hologic Service for assistance in removing this program. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Dimensions / 3Dimensions Mammography System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Affirm Prone Biopsy System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Brevera Breast Biopsy System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Trident HD Specimen Radiography System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: SecurView DX Workstation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Cenova Image Analytics Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: SecurXChange Router cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Rosetta DC Tomosynthesis Data Converter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Faxitron Specimen Radiography Systems cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Horizon DXA Bone Densitometer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Discovery Bone Densitometer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Fluoroscan Insight Mini C-Arm cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: HOLOGIC product: Windows Selenia Mammography System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Huawei product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Hubspot product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: I-Net software product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: I2P product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://geti2p.net/en/blog/post/2021/12/11/i2p-unaffected-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBA-AG product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.iba-ag.com/en/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Ibexa product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://developers.ibexa.co/security-advisories/cve-2021-44228-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: BigFix Compliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: BigFix Inventory cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - VM Manager Tool & SAP Tool fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: To verify if your instance is affected, go to the lib subdirectory of the tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version of log4j is included. Version is included in the name of the library. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: Analytics Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: App Configuration cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: App Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: App ID cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Application Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Aspera Endpoint cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Aspera Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Aspera fasp.io cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Aspera cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Bare Metal Servers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Block Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Block Storage for VPC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Block Storage Snapshots for VPC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Case Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Certificate Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Client VPN for VPC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cloud Activity Tracker cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cloud Backup cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cloud Monitoring cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cloud Object Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cloud Object Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cloudant cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Code Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cognos Command Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cognos Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 10.4.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/support/pages/node/6526468> notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Cognos Integration Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for Elasticsearch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for etcd cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for MongoDB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for MySQL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for PostgreSQL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for RabbitMQ cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for Redis cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for RethinkDB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Compose for ScyllaDB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Container Registry cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Container Security Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Content Delivery Network cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Continuous Delivery cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Copy Services Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Databases for DataStax cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Databases for EDB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Databases for Elasticsearch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Databases for etcd cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Databases for MongoDB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Databases for PostgreSQL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Databases for Redis cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Datapower Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Dedicated Host for VPC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Direct Link Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Direct Link Connect on Classic cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Direct Link Dedicated (2.0) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Direct Link Dedicated Hosting on Classic cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Direct Link Dedicated on Classic cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Direct Link Exchange on Classic cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: DNS Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Emptoris Contract Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Emptoris Program Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Emptoris Sourcing cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Emptoris Spend Analysis cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Emptoris Supplier Lifecycle Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Enterprise Tape Controller Model C07 (3592) (ETC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Event Notifications cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Event Streams cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: File Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Flash System 900 (& 840) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Flow Logs for VPC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Functions cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: GSKit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Guardium S-TAP for Data Sets on z/OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Guardium S-TAP for DB2 on z/OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Guardium S-TAP for IMS on z/OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Hyper Protect Crypto Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Hyper Protect DBaaS for MongoDB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Hyper Protect DBaaS for PostgreSQL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Hyper Protect Virtual Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: i2 Analyst’s Notebook cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: i2 Base cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Application Runtime Expert for i cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Backup, Recovery and Media Services for i cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Db2 Mirror for i cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM HTTP Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM i Access Family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM i Portfolio of products under the Group SWMA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM PowerHA System Mirror for i cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Sterling Connect:Direct Browser User Interface cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Sterling Connect:Direct File Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - See Vendor Links fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerability-affects-ibm-sterling-connectdirect-for-unix-cve-2021-44228/ notes: '' references: - '[https://www.ibm.com/support/pages/node/6526688](https://www.ibm.com/support/pages/node/6526688), [https://www.ibm.com/support/pages/node/6528324](https://www.ibm.com/support/pages/node/6528324), [https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/)' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: IBM product: IBM Sterling Connect:Direct for HP NonStop cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Sterling Connect:Direct for i5/OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Sterling Connect:Direct for OpenVMS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Sterling Connect:Express for Microsoft Windows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Sterling Connect:Express for UNIX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: IBM Sterling Connect:Express for z/OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Instana Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Timestamp lower than 12-11-2021 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.instana.io/incidents/4zgcd2gzf4jw notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: IBM product: Internet Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Key Lifecyle Manager for z/OS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Key Protect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Knowledge Studio cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Kubernetes Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Load Balancer for VPC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Log Analysis cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Managed VMware Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Management Extender for VMware vCenter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: Mass Data Migration cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Maximo EAM SaaS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Message Hub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: MQ Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: MQ on IBM Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Natural Language Understanding cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: OmniFind Text Search Server for DB2 for i cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: OPENBMC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Planning Analytics Workspace cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '>2.0.57' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/support/pages/node/6525700 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Power HMC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - V9.2.950.0 & V10.1.1010.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/support/pages/node/6526172?myns=pwrsmc&mynp=OCSGGSNP&mync=E&cm_sp=pwrsmc-_-OCSGGSNP-_-E notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: PowerSC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: PowerVM Hypervisor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: PowerVM VIOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: QRadar Advisor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Qradar Network Threat Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: QRadar SIEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Quantum Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Rational Developer for AIX and Linux cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Rational Developer for i cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Red Hat OpenShift on IBM Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Resilient cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: Robotic Process Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: SAN Volume Controller and Storwize Family cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Satellite Infrastructure Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Schematics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Secrets Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Secure Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Server Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: IBM product: Spectrum Archive Library Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Discover cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Client Management Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: 'Spectrum Protect for Databases: Data Protection for Oracle' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: 'Spectrum Protect for Databases: Data Protection for SQL' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect for Enterprise Resource Planning cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: 'Spectrum Protect for Mail: Data Protection for Domino' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: 'Spectrum Protect for Mail: Data Protection for Exchange' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect for Workstations cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect for z/OS USS Client and API cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Plus Db2 Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Plus Exchange Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Plus File Systems Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Plus MongoDB Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Plus O365 Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Snapshot for UNIX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Spectrum Protect Snapshot for UNIX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: SQL Query cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Gentran cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Order Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for ACORD cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for Financial Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for FIX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for NACHA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for PeopleSoft cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for SAP R/3 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for SEPA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for Siebel cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Pack for SWIFT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Packs for EDI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Packs for Healthcare cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Sterling Transformation Extender Trading Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Storage TS1160 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Storage TS2280 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Storage TS2900 Library cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Storage TS3100-TS3200 Library cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Storage TS4500 Library cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Storage Virtualization Engine TS7700 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Tape System Library Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: TDMF for zOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Total Storage Service Console (TSSC) / TS4500 IMC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Transit Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Tririga Anywhere cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: TS4300 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Urbancode Deploy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Virtual Private Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Virtual Server for Classic cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Virtualization Management Interface cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: VMware Solutions cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: VMware vCenter Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: VMware vSphere cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: VPN for VPC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: vRealize Operations and Log Insight cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: IBM product: Workload Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: ICONICS product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://iconics.com/News/Press-Releases/2021/ICONICS-Not-Subject-to-Apache-Log4j-Vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: IFS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.ifs.com/announcements-278/urgent-bulletin-ifs-advisory-ifs-products-services-and-log4j-cve-2021-44228-16436 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: IGEL product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.igel.com/securitysafety/en/isn-2021-11-ums-log4j-vulnerability-54086712.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Ignite Realtime product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: iGrafx product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.igrafx.com/igrafx-thwarts-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Illuminated Cloud product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://illuminatedcloud.blogspot.com/2021/12/illuminated-cloud-2-and-log4j-security.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:31+00:00' - vendor: Illumio product: C-VEN cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: CLI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: CloudSecure cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: Core on-premise PCE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: Core SaaS PCE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: Edge SaaS PCE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: Edge-CrowdStrike cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: Flowlink cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: Kubelink cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: NEN cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: QRadar App cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: Splunk App cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Illumio product: VEN cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: IManage product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.imanage.com/hc/en-us/articles/4412696236699-ADVISORY-Security-vulnerability-CVE-2021-44228-in-third-party-component-Apache-Log4j2#h_3164fa6c-4717-4aa1-b2dc-d14d4112595e notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Imperva product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Inductive Automation product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: IndustrialDefender product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.industrialdefender.com/cve-2021-44228-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: infinidat product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.infinidat.com/hc/en-us/articles/4413483145489-INFINIDAT-Support-Announcement-2021-010-Log4Shell-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: InfluxData product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.influxdata.com/blog/apache-log4j-vulnerability-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Infoblox product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.infoblox.com/articles/Knowledge/Infoblox-NIOS-and-BloxOne-products-not-vulnerable-to-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Informatica product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Instana product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.instana.io/incidents/4zgcd2gzf4jw notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Instructure product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.canvaslms.com/t5/Community-Users/Instructure-amp-the-Apache-Log4j2-Vulnerability/ba-p/501907 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Intel product: Audio Development Kit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Intel product: Datacenter Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Intel product: oneAPI sample browser plugin for Eclipse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Intel product: System Debugger cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Intel product: Secure Device Onboard cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Intel product: Genomics Kernel Library cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Intel product: System Studio cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Intel product: Computer Vision Annotation Tool maintained by Intel cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Intel product: Sensor Solution Firmware Development Kit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Internet Systems Consortium(ISC) product: ISC DHCP, aka dhcpd cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.isc.org/blogs/2021-log4j/ notes: no JAVA Code references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Internet Systems Consortium(ISC) product: Kea DHCP cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.isc.org/blogs/2021-log4j/ notes: no JAVA Code references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Internet Systems Consortium(ISC) product: BIND 9 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.isc.org/blogs/2021-log4j/ notes: no JAVA Code references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: InterSystems product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.intersystems.com/gt/apache-log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Intland product: codebeamer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <= 20.11-SP11 - <= 21.09-SP3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://codebeamer.com/cb/wiki/19872365 notes: A fix has been released for [20.11](https://codebeamer.com/cb/wiki/13134438) and [21.09](https://codebeamer.com/cb/wiki/19418497), but not yet for [21.04](https://codebeamer.com/cb/wiki/16937839) references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: IPRO product: Netgovern cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: iRedMail product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.iredmail.org/topic18605-log4j-cve202144228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Ironnet product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: ISLONLINE product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.islonline.com/2021/12/13/isl-online-is-not-affected-by-log4shell-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Ivanti product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jamasoftware product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.jamasoftware.com/communities/community-home/digestviewer/viewthread?MessageKey=06d26f9c-2abe-4c10-93d4-c0f6c8a01b22&CommunityKey=c9d20d4c-5bb6-4f19-92eb-e7cee0942d51&tab=digestviewer#bm06d26f9c-2abe-4c10-93d4-c0f6c8a01b22 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jamf product: Jamf Pro cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 10.31.0 – 10.34.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jaspersoft product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.jaspersoft.com/wiki/apache-log4j-vulnerability-update-jaspersoft-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jedox product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.jedox.com/en/trust/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jenkins product: CI/CD Core cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jenkins product: Plugins cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ notes: '[Instructions to test your installations in announcement](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/)' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: JetBrains product: IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, Rider, RubyMine, WebStorm) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: ToolBox cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: TeamCity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://youtrack.jetbrains.com/issue/TW-74298 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Hub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 2021.1.14080 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: YouTrack Standalone cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 2021.4.35970 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: YouTrack InCloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Datalore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Space cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jetbrains product: Code With Me cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Unknown unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Kotlin cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Ktor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: MPS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: Floating license server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '30211' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JetBrains product: UpSource cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 2020.1.1952 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: JFROG product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jitsi product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jitterbit product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://success.jitterbit.com/display/DOC/Mitigating+the+Apache+Log4j2+JNDI+Vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: jPOS product: (ISO-8583) bridge cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Unknown cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Johnson Controls product: C•CURE‐9000 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 2.90.x (all 2.90 versions) cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: C•CURE‐9000 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 2.80.x (all 2.80 versions) cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: C•CURE‐9000 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 2.70 (All versions) cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: C•CURE‐9000 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 2.60 (All versions) cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: victor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 5.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: victor/ C•CURE‐9000 Unified cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.81.x / victor 5.4.1 / C•CURE‐9000 2.80 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: victor/ C•CURE‐9000 Unified cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.91.x / victor 5.6.1 / C•CURE‐9000 2.90 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: Metasys Products and Tools cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: Facility Explorer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 14.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: CEM AC2000 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: CEM Hardware Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: Illustra Cameras cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: Illustra Insight cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: Tyco AI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: DLS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: Entrapass cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: CloudVue Web cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: CloudVue Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: Qolsys IQ Panels cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: PowerSeries NEO cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: PowerSeries Pro cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: Sur‐Gard Receivers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: VideoEdge cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 5.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: exacqVision Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: exacqVision Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: exacqVision WebService cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: BCPro cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Johnson Controls product: iSTAR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.johnsoncontrols.com/cyber-solutions/security-advisories notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Journyx product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228- notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Jump Desktop product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.jumpdesktop.com/hc/en-us/articles/4416720395021-Log4j-CVE-2021-44228-CVE-2021-45046-Statement notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Juniper Networks product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Justice Systems product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.justicesystems.com/services/support/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: K15t product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.k15t.com/k15t-apps-and-log4shell-193401141.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: K6 product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://k6.io/blog/k6-products-not-impacted-by-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Karakun product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://board.karakun.com/viewtopic.php?f=21&t=8351 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Kaseya product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Keeper Security product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.keepersecurity.com/blog/2021/12/15/public-notice-regarding-the-apache-foundation-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: KEMP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: KEMP 2 product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228- notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Kofax product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://knowledge.kofax.com/MFD_Productivity/SafeCom/Product_Information/SafeCom_and_Log4j_vulnerability_(CVE-2021-44228) notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Konica Minolta product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.konicaminolta.de/de-de/support/log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Kronos UKG product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.kronos.com/s/feed/0D54M00004wJKHiSAO?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Kyberna product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.kyberna.com/detail/log4j-sicherheitsluecke notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: L-Soft product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - http://www.lsoft.com/news/log4jinfo.asp notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: L3Harris Geospatial product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.l3harrisgeospatial.com/Support/Self-Help-Tools/Help-Articles/Help-Articles-Detail/ArtMID/10220/ArticleID/24141/Impact-of-Log4j-Java-Security-Vulnerability-CVE-2021-44228-on-L3Harris-Geospatial-software notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lancom Systems product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.lancom-systems.com/service-support/instant-help/general-security-information/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lansweeper product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.lansweeper.com/vulnerability/critical-log4j-vulnerability-affects-millions-of-applications/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Laserfiche product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://answers.laserfiche.com/questions/194037/Do-any-Laserfiche-products-use-the-Apache-log4j-library#194038 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LastPass product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.logmeininc.com/lastpass/help/log4j-vulnerability-faq-for-lastpass-universal-proxy notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LaunchDarkly product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://launchdarkly.com/blog/audit-shows-systems-unaffected-by-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Leanix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leanix.net/en/blog/log4j-vulnerability-log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Leica BIOSYSTEMS product: Aperio AT2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio AT2 DX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio CS2 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio eSlide Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio GT 450 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio GT 450 DX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio ImageScope cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio ImageScope DX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio LV1 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio SAM DX Server For GT 450 DX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio Scanner Administration Manager (SAM) Server for GT 450 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio VERSA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Aperio WebViewer DX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: BOND-ADVANCE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: BOND Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: BOND-III cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: BOND-MAX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: BOND RX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: BOND RXm cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: CEREBRO cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: CytoVision cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: HistoCore PEARL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: HistoCore PEGASUS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: HistoCore SPECTRA CV cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: HistoCore SPECTRA ST cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: HistoCore SPIRIT ST cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: HistoCore SPRING ST cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Leica ASP300S cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Leica CV5030 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Leica ST4020 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Leica ST5010 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Leica ST5020 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: Leica TP1020 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: LIS Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: PathDX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Leica BIOSYSTEMS product: ThermoBrite Elite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.leicabiosystems.com/about/product-security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Lenovo product: BIOS/UEFI cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Chassis Management Module 2 (CMM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Commercial Vantage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Confluent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: DSS-G cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Embedded System Management Java-based KVM clients cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Fan Power Controller (FPC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Fan Power Controller2 (FPC2) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Integrated Management Module II (IMM2) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: NetApp ONTAP Tools for VMware vSphere cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: See [NetApp](https://security.netapp.com/advisory/ntap-20211210-0007/) advisory. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: 'Network Switches running: Lenovo CNOS, Lenovo ENOS, IBM ENOS, or Brocade FOS' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Storage Management utilities cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: System Management Module (SMM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: System Management Module 2 (SMM2) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: System Update cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Thin Installer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: ThinkAgile HX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: Nutanix and VMware components only; hardware not affected. See [Nutanix](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) and [VMWare](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) advisories. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: ThinkAgile VX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: VMware components only; hardware not affected. See [VMWare](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) advisory. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: ThinkSystem 2x1x16 Digital KVM Switch - Type 1754D1T cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: ThinkSystem DE Series Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: See also NetApp advisory. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: ThinkSystem DM Series Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: See also NetApp advisory. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: ThinkSystem DS Series Storage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: ThinkSystem Manager (TSM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Update Retriever cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: Vantage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Administrator (LXCA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Controller (XCC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Energy Manager (LXEM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Essentials (LXCE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Integrator (LXCI) for Microsoft Azure Log Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Integrator (LXCI) for Microsoft System Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Integrator (LXCI) for Nagios cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Integrator (LXCI) for ServiceNow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Integrator (LXCI) for VMware vCenter cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Integrator (LXCI) for Windows Admin Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Mobile (LXCM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Orchestrator (LXCO) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: Lenovo product: XClarity Provisioning Manager (LXPM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.lenovo.com/ca/en/product_security/len-76573 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: LeoStream product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.leostream.com/support/discussions/topics/66000507567 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Let's Encrypt product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.letsencrypt.org/t/log4j-vulnerability-cve-2021-44228/167464 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LibreNMS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.librenms.org/t/is-librenms-affected-by-vulnerable-to-cve-2021-25218-cve-2021-44228/17675/6 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LifeRay product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://liferay.dev/blogs/-/blogs/log4j2-zero-day-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LifeSize product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.lifesize.com/s/article/Apache-Log4j2-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lightbend product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lime CRM product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.lime-crm.com/security/lcsec21-01 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LIONGARD product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://insights.liongard.com/faq-apache-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LiquidFiles product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://mailchi.mp/liquidfiles/liquidfiles-log4j?e=%5BUNIQID%5D notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LiveAction product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://documentation.liveaction.com/LiveNX/LiveNX%2021.5.1%20Release%20Notes/Release%20Notes%20LiveNX%2021.5.1.1.3 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Loftware product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.loftware.com/lps-kb/content/log4j%20cve-2021-44228.htm?Highlight=CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LOGalyze product: SIEM & log analyzer tool cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - v4.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sourceforge.net/software/product/LOGalyze/ notes: 'local-log4j-vuln-scanner result: indicator for vulnerable component found in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j 1.2.17' references: - '[Forks (github.com)](https://github.com/search?q=logalyzer&s=updated&type=Repositories)' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: LogiAnalytics product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://devnet.logianalytics.com/hc/en-us/articles/4415781801751-Statement-on-Log4j-Vulnerability-CVE-2021-44228- notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LogicMonitor product: LogicMonitor Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LogMeIn product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.logmein.com/t5/LogMeIn-Central-Discussions/LOG4J-Vulnerability/m-p/280317/highlight/true#M8327 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LogRhythm product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.logrhythm.com/t5/Product-Security/LogRhythm-Response-to-the-Apache-Log4J-Vulnerability-Log4Shell/td-p/494068 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Looker product: Looker cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '21.0' - '21.6' - '21.12' - '21.16' - '21.18' - '21.20' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.google.com/document/d/e/2PACX-1vQGN1AYNMHxsRQ9AZNu1bKyTGRUSK_9xkQBge-nu4p8PYvBKIYHhc3914KTfVtDFIXtDhc3k6SZnR2M/pub notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: LucaNet product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.lucanet.com/en/blog/update-vulnerability-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lucee product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://dev.lucee.org/t/lucee-is-not-affected-by-the-log4j-jndi-exploit-cve-2021-44228/9331/4 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Lyrasis product: Fedora Repository cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 3.x - 4.x - 5.x - 6.x cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo notes: Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: MailStore product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Maltego product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: ManageEngine product: Servicedesk Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 11305 and below fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.manageengine.com/products/service-desk/security-response-plan.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: ManageEngine product: AD SelfService Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Build 6.1 build 6114 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-27T00:00:00' - vendor: ManageEngine Zoho product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: ManageEngine Zoho product: ADManager Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: ADAudit Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: DataSecurity Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: EventLog Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: M365 Manager Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: RecoveryManager Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: Exchange Reporter Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: Log360 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: Log360 UEBA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: Cloud Security Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: M365 Security Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: ManageEngine Zoho product: Analytics Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - On-Prem fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: MariaDB product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MathWorks product: All MathWorks general release desktop or server products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MathWorks product: MATLAB cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-29T00:00:00' - vendor: Matillion product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://documentation.matillion.com/docs/security-advisory-14th-december-2021 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Matomo product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.matomo.org/t/matomo-is-not-concerned-by-the-log4j-security-breach-cve-2021-44228-discovered-on-december-2021-the-9th/44089 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mattermost FocalBoard product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.mattermost.org/t/log4j-vulnerability-concern/12676 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: McAfee product: Data Exchange Layer (DXL) Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Data Loss Prevention (DLP) Discover cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Data Loss Prevention (DLP) Endpoint for Mac cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Data Loss Prevention (DLP) Endpoint for Windows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Data Loss Prevention (DLP) Monitor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Data Loss Prevention (DLP) Prevent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Endpoint Security (ENS) for Linux cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Endpoint Security (ENS) for Mac cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Endpoint Security (ENS) for Windows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: ePolicy Orchestrator Application Server (ePO) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 5.10 CU11 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kc.mcafee.com/agent/index?page=content&id=SB10377 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: ePolicy Orchestrator Agent Handlers (ePO-AH) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Host Intrusion Prevention (Host IPS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Management of Native Encryption (MNE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Active Response (MAR) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Agent (MA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Application and Change Control (MACC) for Linux cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Application and Change Control (MACC) for Windows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Client Proxy (MCP) for Mac cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Client Proxy (MCP) for Windows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Drive Encryption (MDE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Security for Microsoft Exchange (MSME) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Security for Microsoft SharePoint (MSMS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: McAfee Security for Microsoft Exchange (MSME) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Enterprise Security Manager (ESM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 11.5.3 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kc.mcafee.com/agent/index?page=content&id=SB10377 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Network Security Manager (NSM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Network Security Platform (NSP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Policy Auditor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Threat Intelligence Exchange (TIE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kc.mcafee.com/agent/index?page=content&id=SB10377 notes: Latest status in linked Security Bulletin references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: McAfee product: Web Gateway (MWG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kc.mcafee.com/agent/index?page=content&id=SB10377 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Medtronic product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://global.medtronic.com/xg-en/product-security/security-bulletins/log4j-vulnerabilities.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: MEINBERG product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.meinbergglobal.com/english/news/meinberg-lantime-and-microsync-systems-not-at-risk-from-log4j-security-exploit.htm notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Meltano product: Meltano cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/meltano/meltano notes: Project is written in Python references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Memurai product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.memurai.com/blog/apache-log4j2-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MicroFocus product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure Application Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure API Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure Data lake store java cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 2.3.10 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure Data lake store java cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 2.3.10 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure DevOps Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2019.0 - 2020.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure DevOps cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Azure Traffic Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microsoft product: Team Foundation Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2018.2+ fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Microstrategy product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Midori Global product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.midori-global.com/blog/2021/12/15/cve-2021-44228-log4shell-midori-apps-are-not-affected notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mikrotik product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.mikrotik.com/viewtopic.php?p=897938 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Milestone sys product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportcommunity.milestonesys.com/s/article/Log4J-vulnerability-faq?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mimecast product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.mimecast.com/s/article/Mimecast-Information-for-Customers-on-the-Log4Shell-Vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Minecraft product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mirantis product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/Mirantis/security/blob/main/news/cve-2021-44288.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Miro product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://miro.com/trust/updates/log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Mitel product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MobileIron product: Core cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All Versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US notes: The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: MobileIron product: Core Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All Versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US notes: The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: MobileIron product: Reporting Database (RDB) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All Versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US notes: The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: MobileIron product: Sentry cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '9.13' - '9.14' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US notes: The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: MongoDB product: All other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Atlas Search cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Drivers cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Realm (including Realm Database, Sync, Functions, APIs) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MongoDB product: MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: Moodle product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://moodle.org/mod/forum/discuss.php?d=429966 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:32+00:00' - vendor: MoogSoft product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://servicedesk.moogsoft.com/hc/en-us/articles/4412463233811?input_string=log4j+vulnerability+%7C%7C+cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Motorola Avigilon product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.avigilon.com/s/article/Technical-Notification-Apache-Log4j2-vulnerability-impact-on-Avigilon-products-CVE-2021-44228?language=en_US notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Mulesoft product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Mulesoft product: Mule Runtime cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.x - 4.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 notes: This advisory is available to account holders only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Mulesoft product: Mule Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 notes: This advisory is available to account holders only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Mulesoft product: Cloudhub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 notes: This advisory is available to account holders only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Mulesoft product: Anypoint Studio cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 7.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 notes: This advisory is available to account holders only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: N-able product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nagios product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: NAKIVO product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.nakivo.com/index.php?/topic/7574-log4j-cve-2021-44228/&do=findComment&comment=9145 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Neo4j product: Neo4j Graph Database cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Version >4.2 - <4..2.12 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Netapp product: Multiple NetApp products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.netapp.com/advisory/ntap-20211210-0007/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Netcup product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.netcup-news.de/2021/12/14/pruefung-log4j-sicherheitsluecken-abgeschlossen/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: NetGate PFSense product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.netgate.com/topic/168417/java-log4j-vulnerability-is-pfsense-affected/35 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Netwrix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.netwrix.com/netwrix_statement_on_cve_2021_44228_the_apache_log4j_vulnerability.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: New Relic product: Containerized Private Minion (CPM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 3.0.57 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-04/ notes: New Relic is in the process of revising guidance/documentation, however the fix version remains sufficient. references: - '[Security Bulletin NR21-04](https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-04/)' reporter: cisagov last_updated: '2021-12-18T00:00:00' - vendor: New Relic product: New Relic Java Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <7.4.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.newrelic.com/docs/release-notes/agent-release-notes/java-release-notes/java-agent-743/ notes: Initially fixed in 7.4.2, but additional vulnerability found references: - '[New Relic tracking](https://github.com/newrelic/newrelic-java-agent/issues/605), covers CVE-2021-44228, CVE-2021-45046' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: NextCloud product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.nextcloud.com/t/apache-log4j-does-not-affect-nextcloud/129244 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nextflow product: Nextflow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 21.04.0.5552 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.nextflow.io/docs/latest/index.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Nexus Group product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://doc.nexusgroup.com/pages/viewpage.action?pageId=83133294 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: NI (National Instruments) product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nice Software (AWS) EnginFRAME product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.enginframe.com/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: NinjaRMM product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://ninjarmm.zendesk.com/hc/en-us/articles/4416226194189-12-10-21-Security-Declaration-NinjaOne-not-affected-by-CVE-2021-44228-log4j- notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nomachine product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forums.nomachine.com/topic/apache-log4j-notification notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: NoviFlow product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://noviflow.com/noviflow-products-and-the-log4shell-exploit-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Backlog cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - N/A (SaaS) unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://nulab.com/blog/company-news/log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Backlog Enterprise (On-premises) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < 1.11.7 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://nulab.com/blog/company-news/log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Cacoo cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - N/A (SaaS) unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://nulab.com/blog/company-news/log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Cacoo Enterprise (On-premises) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < 4.0.4 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://nulab.com/blog/company-news/log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nulab product: Typetalk cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - N/A (SaaS) unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://nulab.com/blog/company-news/log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Nutanix product: AHV cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: AOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - LTS (including Prism Element) - Community Edition cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: AOS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - STS (including Prism Element) unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Patched in 6.0.2.4, available on the Portal for download. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Beam cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: BeamGov cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Calm cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Calm Tunnel VM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Collector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Collector Portal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Data Lens cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Era cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: File Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.1.x - 2.2.x - 3.0+ fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Mitigated in version 3.0.1 which is available on the Portal for download. Mitigation is available [here](https://portal.nutanix.com/kb/12499) references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Files cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Flow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Flow Security Cental cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Foundation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Frame cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: FrameGov cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: FSCVM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Insights cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Karbon cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Mitigation is available [here](https://portal.nutanix.com/kb/12483) references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Karbon Platform Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Leap cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: LCM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Mine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Mitigation is available [here](https://portal.nutanix.com/kb/12484) references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Move cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: MSP cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Mitigation is available [here](https://portal.nutanix.com/kb/12482) references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: NCC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: NGT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Objects cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Mitigation is available [here](https://portal.nutanix.com/kb/12482) references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Prism Central cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Patched in 2021-9.0.3, available on the Portal for download. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Sizer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Saas-Based Procuct. See Advisory. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Volumes cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: Witness VM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: Mitigation is available [here](https://portal.nutanix.com/kb/12491) references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nutanix product: X-Ray cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://download.nutanix.com/alerts/Security_Advisory_0023.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Nvidia product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://nvidia.custhelp.com/app/answers/detail/a_id/5294 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: NXLog product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://nxlog.co/news/apache-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Objectif Lune product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://learn.objectiflune.com/blog/security/statement-on-log4j-vulnerability-cve-2021-4428/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OCLC product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://oclc.service-now.com/status notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Octopus product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://advisories.octopus.com/adv/December.2306508680.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Okta product: Advanced Server Access cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta Access Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta AD Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta Browser Plugin cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta IWA Web Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta LDAP Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta RADIUS Server Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 2.17.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta Verify cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta Workflows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sec.okta.com/articles/2021/12/log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Okta product: Okta On-Prem MFA Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 1.4.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Onespan product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.onespan.com/remote-code-execution-vulnerability-in-log4j2-cve-2018-11776 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Opengear product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://opengear.zendesk.com/hc/en-us/articles/4412713339419-CVE-2021-44228-aka-Log4Shell-Opengear-products-are-not-affected notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OpenMRS TALK product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OpenNMS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OpenSearch product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OpenText product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.opentext.com/support/log4j-remote-code-execution-advisory notes: '' references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: Oracle product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.oracle.com/security-alerts/alert-cve-2021-44228.html notes: The support document is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Oracle product: Exadata cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <21.3.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.oracle.com/security-alerts/alert-cve-2021-44228.html notes: Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Oracle product: Enterprise Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '13.5' - 13.4 & 13.3.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.oracle.com/security-alerts/alert-cve-2021-44228.html notes: Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Orgavision product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.orgavision.com/neuigkeiten/sicherheitsluecke-java-library-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Osirium product: PAM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.osirium.com/blog/apache-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Osirium product: PEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.osirium.com/blog/apache-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Osirium product: PPA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.osirium.com/blog/apache-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OTRS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://portal.otrs.com/external notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OVHCloud product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.ovhcloud.com/log4shell-how-to-protect-my-cloud-workloads/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OwnCloud product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://central.owncloud.org/t/owncloud-not-directly-affected-by-log4j-vulnerability/35493 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: OxygenXML product: Author cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Developer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Editor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Oxygen Content Fusion cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '2.0' - '3.0' - '4.1' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Oxygen Feedback Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.4.4 & older fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Oxygen License Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - v22.1 to v24.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Oxygen PDF Chemistry cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - v22.1 - '23.0' - '23.1' - '24.0' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Oxygen SDK cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Plugins (see advisory link) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Publishing Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: Web Author cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: OxygenXML product: WebHelp cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Palantir product: Palantir Foundry cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.palantir.com/security-advisories/log4j-vulnerability/ notes: No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Palantir product: Palantir Gotham cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.palantir.com/security-advisories/log4j-vulnerability/ notes: No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Palantir product: Palantir Apollo cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.palantir.com/security-advisories/log4j-vulnerability/ notes: No impact, and updates have been deployed for full remediation. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Palantir product: Palantir AI Inference Platform (AIP) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - All unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.palantir.com/security-advisories/log4j-vulnerability/ notes: Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Palo-Alto Networks product: CloudGenix cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Palo-Alto Networks-OS for Panorama cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '9.0' - '9.1' - '10.0' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Palo-Alto Networks product: Bridgecrew cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Cortex Data Lake cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Cortex Xpanse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Cortex XDR Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Cortex XSOAR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Expedition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: IoT Security cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: GlobalProtect App cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Palo-Alto Networks-OS for Firewall and Wildfire cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Prisma Access cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Prisma Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Prisma Cloud Compute cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: Okyo Grade cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: SaaS Security cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: WildFire Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: WildFire Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Palo-Alto Networks product: User-ID Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.paloaltonetworks.com/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Panopto product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: PaperCut product: PaperCut MF cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 21.0 and later fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.papercut.com/support/known-issues/?id=PO-684#ng notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: PaperCut product: PaperCut NG cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 21.0 and later fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.papercut.com/support/known-issues/?id=PO-684#ng notes: Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Parallels product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.parallels.com/en/128696 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Parse.ly product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.parse.ly/parse-ly-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: PBXMonitor product: RMM for 3CX PBX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.pbxmonitor.net/changelog.php notes: Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Pega product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pentaho product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho- notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pepperl+Fuchs product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.pepperl-fuchs.com/global/en/29079.htm notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Percona product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.percona.com/blog/log4jshell-vulnerability-update/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pexip product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Phenix Id product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.phenixid.se/uncategorized/log4j-fix/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Philips product: Multiple products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.philips.com/a-w/security/security-advisories.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: PHOENIX CONTACT product: Physical products containing firmware cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: PHOENIX CONTACT product: Software Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: PHOENIX CONTACT product: Cloud Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf notes: Partly affected. Remediations are being implemented. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Ping Identity product: PingAccess cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.0 <= version <= 6.3.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Ping Identity product: PingCentral cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Ping Identity product: PingFederate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.0 <= version <= 10.3.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Ping Identity product: PingFederate Java Integration Kit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 2.7.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Ping Identity product: PingFederate OAuth Playground cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 4.3.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Ping Identity product: PingIntelligence cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Pitney Bowes product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Planmeca product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Planon Software product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/ notes: This advisory is available for customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Platform.SH product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Plesk product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Plex product: Plex Industrial IoT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 notes: The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Polycom product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Portainer product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: PortSwigger product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: PostGreSQL product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Postman product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228- notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Power Admin LLC product: PA File Sight cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - NONE cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Power Admin LLC product: PA Storage Monitor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - NONE cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Power Admin LLC product: PA Server Monitor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - NONE cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Pretix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://pretix.eu/about/de/blog/20211213-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: PrimeKey product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Progress / IpSwitch product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.progress.com/security notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: ProofPoint product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2 notes: This advisory is available for customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: ProSeS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Prosys product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://prosysopc.com/news/important-security-release/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Proxmox product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: PRTG Paessler product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: PTC product: Axeda Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.9.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ptc.com/en/support/article/CS358990 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: PTC product: ThingsWorx Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '8.5' - '9.0' - '9.1' - '9.2' - All supported versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ptc.com/en/support/article/CS358901 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: PTC product: ThingsWorx Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '8.5' - '9.0' - '9.1' - '9.2' - All supported versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ptc.com/en/support/article/CS358901 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: PTV Group product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Connect Secure (ICS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Neurons for secure Access cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Neurons for ZTA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Connect Secure cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Desktop Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Mobile Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse One cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Policy Secure cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Secure Services Director cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Secure Virtual Traffic Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse Secure Web Application Firewall cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Pulse ZTA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Puppet product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pure Storage product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) notes: This advisory is available for customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Neurons for ZTA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pulse Secure product: Ivanti Neurons for secure Access cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Pure Storage product: FlashBlade cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.1.x - 3.2.x - 3.3.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j notes: Patch expected 12/24/2021 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Pure Storage product: Flash Array cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 5.3.x - 6.0.x - 6.1.x - 6.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j notes: Patch expected 12/20/2021 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Pure Storage product: Cloud Blockstore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - CBS6.1.x - CBS6.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j notes: Patch expected 12/27/2021 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Pure Storage product: Pure1 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - N/A unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Pure Storage product: PortWorx cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.8.0+ fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Pyramid Analytics product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: QF-Test product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Qlik product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: QMATIC product: Orchestra Central cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 6.0+ cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: QMATIC product: Appointment Booking cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.4+ fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability notes: Update to v. 2.8.2 which contains log4j 2.16 references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: QMATIC product: Insights cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Cloud fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability notes: log4j 2.16 applied 2021-12-16 references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: QMATIC product: Appointment Booking cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Cloud/Managed Service fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability notes: log4j 2.16 applied 2021-12-15 references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: QNAP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.qnap.com/en-uk/security-advisory/qsa-21-58 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: QOPPA product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kbdeveloper.qoppa.com/cve-2021-44228-apache-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: QSC Q-SYS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: QT product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Quest Global product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: R product: R cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 4.1.1 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.r-project.org/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: R2ediviewer product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Radware product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.radware.com/app/answers/answer_view/a_id/1029752 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Rapid7 product: AlcidekArt, kAdvisor, and kAudit cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: AppSpider Enterprise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: AppSpider Pro cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: Insight Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightAppSec Scan Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightAppSec Scan Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightCloudSec/DivvyCloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightConnect Orchestrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightIDR Network Sensor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightIDR/InsightOps Collector & Event Sources cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightOps DataHub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - InsightOps DataHub <= 2.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightOps non-Java logging libraries cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightOps r7insight_java logging library cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <=3.0.8 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightVM Kubernetes Monitor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightVM/Nexpose cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightVM/Nexpose Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: InsightVM/Nexpose Engine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: IntSights virtual appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: Logentries DataHub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: 'Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these [instructions](https://docs.logentries.com/docs/datahub-windows). You can find more details [here](https://docs.logentries.com/docs/datahub-linux).' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: Logentries le_java logging library cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 'All versions: this is a deprecated component' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: Metasploit Framework cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: Metasploit Pro cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: tCell Java Agent cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rapid7 product: Velociraptor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - on-prem cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Raritan product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.raritan.com/support notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Ravelin product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Real-Time Innovations (RTI) product: Distributed Logger cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Real-Time Innovations (RTI) product: Recording Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Real-Time Innovations (RTI) product: RTI Administration Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Real-Time Innovations (RTI) product: RTI Code Generator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Real-Time Innovations (RTI) product: RTI Code Generator Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Real-Time Innovations (RTI) product: RTI Micro Application Generator (MAG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - as part of RTI Connext Micro 3.0.0 - 3.0.1 - 3.0.2 - 3.0.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Real-Time Innovations (RTI) product: RTI Micro Application Generator (MAG) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - as part of RTI Connext Professional 6.0.0 and 6.0.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Real-Time Innovations (RTI) product: RTI Monitor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Red Hat product: Red Hat JBoss Enterprise Application Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '7' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4)\ \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ \ affected." references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat Process Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '7' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: "[Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches)\ \ - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't\ \ affected." references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat CodeReady Studio cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 12.21.0 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '[CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso)' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat Data Grid cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '8' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '[RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132)' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat Integration Camel K cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '[RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130)' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat Integration Camel Quarkus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '[RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126)' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat JBoss A-MQ Streaming cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '[RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138)' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat JBoss Fuse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '7' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '[RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134)' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat Vert.X cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - '4' unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '[RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093)' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat OpenShift Container Platform 3.11 product: openshift3/ose-logging-elasticsearch5 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '[RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094)' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat OpenShift Container Platform 4 product: openshift4/ose-logging-elasticsearch6 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: Please refer to Red Hat Customer Portal to find the right errata for your version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat OpenShift Container Platform 4 product: openshift4/ose-metering-hive cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: Please refer to Red Hat Customer Portal to find the right errata for your version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat OpenShift Container Platform 4 product: openshift4/ose-metering-presto cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: Please refer to Red Hat Customer Portal to find the right errata for your version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat OpenShift Logging product: logging-elasticsearch6-container cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: Please refer to Red Hat Customer Portal to find the right errata for your version. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat Single Sign-On cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '7' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat Enterprise Linux cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '6' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Red Hat product: Red Hat Enterprise Linux cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '7' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Red Hat product: Red Hat Enterprise Linux cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '8' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Red Hat product: Red Hat build of Quarkus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Red Hat product: Red Hat Decision Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '7' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Red Hat Software Collections product: rh-java-common-log4j cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat Software Collections product: rh-maven35-log4j12 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat Software Collections product: rh-maven36-log4j12 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: log4j-core cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Satellite 5 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Spacewalk cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red Hat product: Red Hat JBoss Enterprise Application Platform Expansion Pack cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '7' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Red Hat OpenStack Platform 13 (Queens) product: opendaylight cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://access.redhat.com/security/cve/cve-2021-44228 notes: End of Life references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Red5Pro product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: RedGate product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: ResMed product: myAir cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.resmed.com/en-us/security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: ResMed product: AirView cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.resmed.com/en-us/security/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Redis product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://redis.com/security/notice-apache-log4j2-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: Reiner SCT product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:33+00:00' - vendor: ReportURI product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Respondus product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.respondus.com/support/index.php?/News/NewsItem/View/339 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Revenera / Flexera product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Ricoh product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ricoh.com/info/2021/1215_1/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: RingCentral product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ringcentral.com/trust-center/security-bulletin.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Riverbed product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportkb.riverbed.com/support/index?page=content&id=S35645 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Rockwell Automation product: FactoryTalk Analytics DataFlowML cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.00.00 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rockwell Automation product: FactoryTalk Analytics DataView cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.03.00 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rockwell Automation product: Industrial Data Center cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Gen 1 - Gen 2 - Gen 3 - Gen 3.5 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rockwell Automation product: MES EIG cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.03.00 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 notes: Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rockwell Automation product: VersaVirtual cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Series A unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rockwell Automation product: Warehouse Management cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.01.00 - 4.02.00 - 4.02.01 - 4.02.02 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Rollbar product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://rollbar.com/blog/log4j-zero-day-2021-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Rosette.com product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Authentication Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Authentication Manager Prime cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Authentication Manager WebTier cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Governance and Lifecycle cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Governance and Lifecycle Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA product: SecurID Identity Router cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: RSA Netwitness product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Rstudioapi product: Rstudioapi cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '0.13' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/rstudio/rstudioapi notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Rubrik product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Ruckus product: Virtual SmartZone (vSZ) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 5.1 to 6.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.ruckuswireless.com/security_bulletins/313 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: RunDeck by PagerDuty product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.rundeck.com/docs/history/CVEs/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: PagerDuty product: PagerDuty SaaS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.pagerduty.com/docs/pagerduty-log4j-zero-day-vulnerability notes: We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Runecast product: Runecast Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 6.0.3 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.runecast.com/release-notes notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SAE-IT product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SAFE FME Server product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SAGE product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SailPoint product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Salesforce product: Analytics Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Analytics Cloud is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: B2C Commerce Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: ClickSoftware (As-a-Service) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: ClickSoftware (On-Premise) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Please contact Customer Support."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Community Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Data.com cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: DataLoader cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - <=53.0.0 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Salesforce product: Datorama cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Evergage (Interaction Studio) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Force.com cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Heroku cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Heroku is reported to not be affected by CVE-2021-44228; no further action is necessary at this time."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Marketing Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: MuleSoft (Cloud) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: MuleSoft (On-Premise) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Please contact Customer Support."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Pardot cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Sales Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Sales Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Service Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Slack cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Social Studio cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Salesforce product: Tableau (On-Premise) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - < 2021.4.1 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell notes: Fixed in 2021.4.1 references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Salesforce product: Tableau (Online) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.salesforce.com/s/articleView?id=000363736&type=1 notes: '"Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Sangoma product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.sangoma.com/community/s/article/Log4Shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SAP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: SAP Advanced Platform product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://launchpad.support.sap.com/#/notes/3130698 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: SAP BusinessObjects product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/ notes: The support document is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: SAS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SASSAFRAS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sassafras.com/log4j-vulnerability-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Savignano software solutions product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://savignano.atlassian.net/wiki/spaces/SNOTIFY/blog/2021/12/13/2839740417/No+Log4j+Vulnerability+in+S+Notify notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SBT product: SBT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <1.5.6 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://github.com/sbt/sbt/releases/tag/v1.5.7 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: ScaleComputing product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.scalecomputing.com/s/article/Apache-Log4j-Vulnerability notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: ScaleFusion MobileLock Pro product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.mobilock.in/article/t9sx43yg44-scalefusion-security-advisory-for-apache-log-4-j-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Schneider Electric product: EcoStruxure IT Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - V1.5.0 to V1.13.0 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: EcoStruxure IT Expert cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Cloud unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: Facility Expert Small Business cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Cloud unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: Wiser by SE platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - Cloud unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: EASYFIT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: Ecoreal XL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: Eurotherm Data Reviewer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - V3.0.2 and prior fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: MSE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: NetBotz750/755 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Software versions 5.0 through 5.3.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: NEW630 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SDK BOM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SDK-Docgen cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SDK-TNC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SDK-UMS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SDK3D2DRenderer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SDK3D360Widget cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: Select and Config DATA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SNC-API cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SNC-CMM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SNCSEMTECH cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SPIMV3 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SWBEditor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schneider Electric product: SWBEngine cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current software and earlier fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.se.com/us/en/download/document/7EN52-0390/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Schweitzer Engineering Laboratories product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://selinc.com/support/security-notifications/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: SCM Manager product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://scm-manager.org/blog/posts/2021-12-13-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: ScreenBeam product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://customersupport.screenbeam.com/hc/en-us/articles/4416468085389-December-2021-Security-Alert-Log4j-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SDL worldServer product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://gateway.sdl.com/apex/communityknowledge?articleName=000017707 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Seagull Scientific product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SecurePoint product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Security Onion product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Securonix product: SNYPR Application cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: Securonix product: Next Gen SIEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf notes: Patching ongoing as of 12/10/2021 references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: Securonix product: User and Entity Behavior Analytics(UEBA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf notes: Patching ongoing as of 12/10/2021 references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: Securonix product: Security Analytics and Operations Platform (SOAR) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf notes: Patching ongoing as of 12/10/2021 references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: Securonix product: Extended Detection and Response (XDR) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf notes: Patching ongoing as of 12/10/2021 references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: Seeburger product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open notes: This advisory is avaiable to customers only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SentinelOne product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sentry product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SEP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Server Eye product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: ServiceNow product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Shibboleth product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - http://shibboleth.net/pipermail/announce/2021-December/000253.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Shibboleth product: All Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - Identity Provider>=3.0 - All other software versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://shibboleth.net/pipermail/announce/2021-December/000253.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: Shopify product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Siebel product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Siemens product: Affected Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf notes: 'Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens product: Affected Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf notes: 'Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data' references: - '' reporter: cisagov last_updated: '2021-12-19T00:00:00' - vendor: Siemens Energy product: Affected Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf notes: 'Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Siemens Energy product: Affected Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf notes: 'Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Siemens Energy product: Affected Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf notes: 'Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Siemens Healthineers product: ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: If you have determined that your Atellica Data Manager has a “Java communication engine” service, and you require an immediate mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: CENTRALINK v16.0.2 / v16.0.3 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: If you have determined that your CentraLink has a “Java communication engine” service, and you require a mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: DICOM Proxy VB10A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: remove the vulnerable class from the .jar file' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: Somatom Scope Som5 VC50 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: evaluation ongoing references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: Somatom Emotion Som5 VC50 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: evaluation ongoing references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: go.All, Som10 VA20 / VA30 / VA40 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: go.Fit, Som10 VA30 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: go.Now, Som10 VA10 / VA20 / VA30 / VA40 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: go.Open Pro, Som10 VA30 / VA40 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: go.Sim, Som10 VA30 / VA40 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: go.Up, Som10 VA10 / VA20 / VA30 / VA40 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA 3T NUMARIS/X VA30A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Altea NUMARIS/X VA20A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X VA31A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Amira NUMARIS/X VA12M cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Free.Max NUMARIS/X VA40 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Lumina NUMARIS/X VA20A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Sempra NUMARIS/X VA12M cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Sola fit NUMARIS/X VA20A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Sola NUMARIS/X VA20A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Vida fit NUMARIS/X VA20A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: MAGNETOM Vida NUMARIS/X VA10A* / VA20A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: remove the vulnerable class from the .jar file' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: Syngo MobileViewer VA10A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: The vulnerability will be patch/mitigated in upcoming releases\patches. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: remove the vulnerable class from the .jar file' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: Please contact your Customer Service to get support on mitigating the vulnerability. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: remove the vulnerable class from the .jar file' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: evaluation ongoing references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: Cios Select FD/I.I. VA21 / VA21-S3P cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: evaluation ongoing references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: Cios Flow S1 / Alpha / Spin VA30 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: evaluation ongoing references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: syngo.via WebViewer VA13B / VA20A / VA20B cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: remove the vulnerable class from the .jar file' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: X.Ceed Somaris 10 VA40* cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Siemens Healthineers product: X.Cite Somaris 10 VA30*/VA40* cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228 notes: 'Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Sierra Wireless product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Signald product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://gitlab.com/signald/signald/-/issues/259 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Silver Peak product: Orchestrator, Silver Peak GMS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf notes: Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit. references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' - vendor: SingleWire product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.singlewire.com/s/article/Apache-Log4j2-vulnerability-CVE-2021-44228 notes: This advisory is available to customers only and has not been reviewed by CISA references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sitecore product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1001391 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Skillable product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://skillable.com/log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SLF4J product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - http://slf4j.org/log4shell.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Slurm product: Slurm cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 20.11.8 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://slurm.schedmd.com/documentation.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: SmartBear product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://smartbear.com/security/cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SmileCDR product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snakemake product: Snakemake cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 6.12.1 cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://snakemake.readthedocs.io/en/stable/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: Sn0m product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snow Software product: Snow Commander cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - 8.1 to 8.10.2 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snow Software product: VM Access Proxy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: - v3.1 to v3.6 unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snowflake product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Snyk product: Cloud Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://updates.snyk.io/snyk%27s-cloud-platform-all-clear-from-log4j-exploits-216499 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Software AG product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SolarWinds product: Database Performance Analyzer (DPA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2021.1.x - 2021.3.x - 2022.1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 notes: 'For more information, please see the following KB article: [link](https://support.solarwinds.com/SuccessCenter/s/article/Database-Performance-Analyzer-DPA-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)' references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: SolarWinds product: Orion Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: SolarWinds product: Server & Application Monitor (SAM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - SAM 2020.2.6 and later fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 notes: 'For more information, please see the following KB article for the latest details specific to the SAM hotfix: [link](https://support.solarwinds.com/SuccessCenter/s/article/Server-Application-Monitor-SAM-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US)' references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: SonarSource product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sonatype product: All Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All Versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.sonatype.com/docs/important-announcements/sonatype-product-log4j-vulnerability-status notes: Sonatype uses logback as the default logging solution as opposed to log4j. This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the reported log4j vulnerabilities. We still advise keeping your software upgraded at the latest version. references: - '' reporter: cisagov last_updated: '2021-12-29T00:00:00' - vendor: SonicWall product: Capture Client & Capture Client Portal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the Capture Client. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Access Points cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the SonicWall Access Points references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Under Review references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Analyzer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Under Review references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Capture Security Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the Capture Security appliance. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: CAS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Under Review references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Email Security cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: ES 10.0.11 and earlier versions are impacted references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: SonicWall product: Gen5 Firewalls (EOS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the appliance. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Gen6 Firewalls cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the appliance. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: Gen7 Firewalls cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the appliance. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: GMS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Under Review references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: MSW cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Mysonicwall service doesn't use Log4j references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: NSM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: NSM On-Prem and SaaS doesn't use a vulnerable version references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: SMA 100 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the SMA100 appliance. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: SMA 1000 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Version 12.1.0 and 12.4.1 doesn't use a vulnerable version references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: SonicCore cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: SonicCore doesn't use a Log4j2 references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: SonicWall Switch cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the SonicWall Switch. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: WAF cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Under Review references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: WNM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: Log4j2 not used in the WNM. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SonicWall product: WXA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 notes: WXA doesn't use a vulnerable version references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: Cloud Optix cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: Users may have noticed a brief outage around 12:30 GMT as updates were deployed. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: Reflexion cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: Reflexion does not run an exploitable configuration. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: SG UTM (all versions) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: Sophos SG UTM does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: SG UTM Manager (SUM) (all versions) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: SUM does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: Sophos Central cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: Sophos Central does not run an exploitable configuration. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: Sophos Firewall (all versions) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: Sophos Firewall does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: Sophos Home cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: Sophos Home does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: Sophos Mobile cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable configuration. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: Sophos Mobile EAS Proxy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - < 9.7.2 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Sophos product: Sophos ZTNA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce notes: Sophos ZTNA does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: SOS Berlin product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Spambrella product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.spambrella.com/faq/status-of-spambrella-products-with-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Spigot product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Splunk product: Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 5.2.0 and older fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.0.0 and older fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.0.0 and older fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Data Stream Processor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - DSP 1.0.x - DSP 1.1.x - DSP 1.2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: IT Essentials Work [App ID 5403](https://splunkbase.splunk.com/app/5403/) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '4.11' - 4.10.x (Cloud only) - 4.9.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: IT Service Intelligence (ITSI) [App ID 1841](https://splunkbase.splunk.com/app/1841/) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.11.0 - 4.10.x (Cloud only) - 4.9.x - 4.8.x (Cloud only) - 4.7.x - 4.6.x - 4.5.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Connect for Kafka cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All versions prior to 2.0.4 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Enterprise (including instance types like Heavy Forwarders) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions. fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Enterprise Amazon Machine Image (AMI) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - See Splunk Enterprise fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Enterprise Docker Container cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - See Splunk Enterprise fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Logging Library for Java cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.11.0 and older fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.0.3 and older fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk OVA for VMWare Metrics [App ID 5096](https://splunkbase.splunk.com/app/5096/) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.2.1 and older fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.1.1 and older fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk On-call / VictorOps cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Real User Monitoring cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Application Performance Monitoring cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Infrastructure Monitoring cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Log Observer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk Synthetics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Current fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Splunk product: Splunk UBA OVA Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 5.0.3a - 5.0.0 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T08:20:00-08:00' - vendor: Sprecher Automation product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sprecher-automation.com/en/it-security/security-alerts notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Spring product: Spring Boot cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot notes: Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Spring Boot product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: StarDog product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.stardog.com/t/stardog-7-8-1-available/3411 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: STERIS product: Advantage cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Advantage Plus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: DSD Edge cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: EndoDry cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: RapidAER cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Endora cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Canexis 1.0 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: ConnectoHIS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: ScopeBuddy+ cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: DSD-201, cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: CER Optima cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Renatron cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: ConnectAssure Technology cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: SPM Surgical Asset Tracking Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: CS-iQ Sterile Processing Workflow cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 2000 SERIES WASHER DISINFECTORS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 3000 SERIES WASHER DISINFECTORS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 5000 SERIES WASHER DISINFECTORS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 7000 SERIES WASHER DISINFECTORS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: RELIANCE 444 WASHER DISINFECTOR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: RELIANCE SYNERGY WASHER DISINFECTOR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 400 MEDIUM STEAM STERILIZER cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 400 SMALL STEAM STERILIZERS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO 600 MEDIUM STEAM STERILIZER cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO CENTURY MEDIUM STEAM STERILIZER cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO CENTURY SMALL STEAM STERILIZER cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO EAGLE 3000 SERIES STAGE 3 STEAM STERILIZERS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO EVOLUTION FLOOR LOADER STEAM STERILIZER cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: AMSCO EVOLUTION MEDIUM STEAM STERILIZER cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: CELERITY HP INCUBATOR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: CELERITY STEAM INCUBATOR cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: SYSTEM 1 endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: V-PRO 1 LOW TEMPERATURE STERILIZATION SYSTEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: V-PRO 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: V-PRO MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: V-PRO MAX LOW TEMPERATURE STERILIZATION SYSTEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: V-PRO S2 LOW TEMPERATURE STERILIZATION SYSTEM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: SecureCare ProConnect Technical Support Services cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: HexaVue Integration System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: IDSS Integration System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Harmony iQ Integration Systems cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: HexaVue cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Connect Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Harmony iQ Perspectives Image Management System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Clarity Software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: Situational Awareness for Everyone Display (S.A.F.E.) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: RealView Visual Workflow Management System cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: STERIS product: ReadyTracker cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Sterling Order IBM product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ibm.com/support/pages/node/6525544 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Storagement product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.storagement.de/index.php?action=topicofthemonth&site=log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: StormShield product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.stormshield.com/news/log4shell-security-alert-stormshield-product-response/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: StrangeBee TheHive & Cortex product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.strangebee.com/apache-log4j-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Stratodesk product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - http://cdn.stratodesk.com/repository/notouch-center/10/4.5.231/0/ReleaseNotes-Stratodesk-NoTouch_Center-4.5.231.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Strimzi product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://strimzi.io/blog/2021/12/14/strimzi-and-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Stripe product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.stripe.com/questions/update-for-apache-log4j-vulnerability-(cve-2021-44228) notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Styra product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.styra.com/blog/newest-log4j-security-vulnerability-cve-2021-44228-log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sumologic product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.google.com/document/d/e/2PACX-1vSdeODZ2E5k0aZgHm06OJWhDQWgtxxB0ZIrTsuQjg5xaoxlogmTVGdOWoSFtDlZBdHzY6ET6k6Sk-g1/pub notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SumoLogic product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.sumologic.com/Release-Notes/Collector-Release-Notes#december-11-2021-19-361-12 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Superna EYEGLASS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://manuals.supernaeyeglass.com/project-technical-advisories-all-products/HTML/technical-advisories.html#h2__1912345025 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Suprema Inc product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.supremainc.com/en/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SUSE product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.suse.com/c/suse-statement-on-log4j-log4shell-cve-2021-44228-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sweepwidget product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sweepwidget.com/view/23032-v9f40ns1/4zow83-23032 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Swyx product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://service.swyx.net/hc/de/articles/4412323539474 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Synchro MSP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.syncromsp.com/t/log4j-rce-cve-2021-4428/1350 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Syncplify product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.syncplify.com/no-we-are-not-affected-by-log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Synology product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.synology.com/en-global/security/advisory/Synology_SA_21_30 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Synopsys product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Syntevo product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.syntevo.com/blog/?p=5240 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: SysAid product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.sysaid.com/lp/important-update-regarding-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Sysdig product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://sysdig.com/blog/cve-critical-vulnerability-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Tableau product: Tableau Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 'The following versions and lower: 2021.4' - 2021.3.4 - 2021.2.5 - 2021.1.8 - 2020.4.11 - 2020.3.14 - 2020.2.19 - 2020.1.22 - 2019.4.25 - 2019.3.26 - 2019.2.29 - 2019.1.29 - 2018.3.29 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Tableau product: Tableau Desktop cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 'The following versions and lower: 2021.4' - 2021.3.4 - 2021.2.5 - 2021.1.8 - 2020.4.11 - 2020.3.14 - 2020.2.19 - 2020.1.22 - 2019.4.25 - 2019.3.26 - 2019.2.29 - 2019.1.29 - 2018.3.29 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Tableau product: Tableau Prep Builder cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 'The following versions and lower: 22021.4.1' - 2021.3.2 - 2021.2.2 - 2021.1.4 - 2020.4.1 - 2020.3.3 - 2020.2.3 - 2020.1.5 - 2019.4.2 - 2019.3.2 - 2019.2.3 - 2019.1.4 - 2018.3.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Tableau product: Tableau Public Desktop Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 'The following versions and lower: 2021.4' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Tableau product: Tableau Reader cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 'The following versions and lower: 2021.4' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Tableau product: Tableau Bridge cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 'The following versions and lower: 20214.21.1109.1748' - 20213.21.1112.1434 - 20212.21.0818.1843 - 20211.21.0617.1133 - 20204.21.0217.1203 - 20203.20.0913.2112 - 20202.20.0721.1350 - 20201.20.0614.2321 - 20194.20.0614.2307 - 20193.20.0614.2306 - 20192.19.0917.1648 - 20191.19.0402.1911 - 20183.19.0115.1143 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Talend product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://jira.talendforge.org/browse/TCOMP-2054 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Tanium product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://tanium.my.salesforce.com/sfc/p/#60000000IYkG/a/7V000000PeT8/8C98AHl7wP5_lpUwp3qmY5sSdwXx6wG6LE4gPYlxO8c notes: Tanium does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-21T00:00:00' - vendor: TealiumIQ product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: TeamPasswordManager product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://teampasswordmanager.com/blog/log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Teamviewer product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.teamviewer.com/en/trust-center/security-bulletins/hotfix-log4j2-issue/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Tech Software product: OneAegis (f/k/a IRBManager) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.techsoftware.com/hc/en-us/articles/4412825948179 notes: OneAegis does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Tech Software product: SMART cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.techsoftware.com/hc/en-us/articles/4412825948179 notes: SMART does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Tech Software product: Study Binders cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All versions cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.techsoftware.com/hc/en-us/articles/4412825948179 notes: Study Binders does not use Log4j. references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: TechSmith product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.techsmith.com/hc/en-us/articles/4416620527885?input_string=log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Telestream product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - http://www.telestream.net/telestream-support/Apache-Log4j2-Bulletin.htm notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Tenable product: Tenable.io / Nessus cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.tenable.com/log4j notes: None of Tenable’s products are running the version of Log4j vulnerable to CVE-2021-44228 or CVE-2021-45046 at this time references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:34+00:00' - vendor: Thales product: CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Cloud Key Manager (CCKM) Embedded cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Database Protection cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Transparent Encryption (CTE/VTE/CTE-U) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Vaultless Tokenization (CTS, CT-VL) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Data Protection on Demand cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Data Security Manager (DSM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: KeySecure cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Luna EFT cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Luna Network, PCIe, Luna USB HSM and backup devices cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Luna SP cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: ProtectServer HSMs cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet Authentication Client cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet IDPrime Virtual cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet eToken (all products) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet IDPrime(all products) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet LUKS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet ProtectApp (PA) CAPI, .Net & Net Core cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet ProtectDB (PDB) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet ProtectV cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Safenet ProtectFile and ProtectFile- Fuse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet Transform Utility (TU) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet Trusted Access (STA) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet PKCS#11 and TDE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet SQL EKM cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SAS on Prem (SPE/PCE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel EMS Enterprise OnPremise cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel ESDaaS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel Up cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel RMS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel Connect cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel Superdog, SuperPro, UltraPro, SHK cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel HASP, Legacy dog, Maze, Hardlock cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel Envelope cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Thales payShield 9000 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Thales payShield 10k cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Thales payShield Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Vormetirc Key Manager (VKM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Vormetric Application Encryption (VAE) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Vormetric Protection for Terradata Database (VPTD) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Vormetric Tokenization Server (VTS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: payShield Monitor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CADP/SafeNet Protect App (PA) - JCE cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Batch Data Transformation (BDT) 2.3 cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Cloud Key Manager (CCKM) Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: CipherTrust/SafeNet PDBCTL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Crypto Command Center (CCC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: SafeNet Vaultless Tokenization cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel LDK EMS (LDK-EMS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel LDKaas (LDK-EMS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel EMS Enterprise aaS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel Professional Services components (both Thales hosted & hosted on-premises by customers) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Sentinel SCL cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thales product: Thales Data Platform (TDP)(DDC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Thermo-Calc product: Thermo-Calc cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 2022a cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/ notes: Use the program as normal, Install the 2022a patch when available references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Thermo-Calc product: Thermo-Calc cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 2021b cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/ notes: Use the program as normal references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Thermo-Calc product: Thermo-Calc cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 2018b to 2021a cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/ notes: Use the program as normal, delete the Log4j 2 files in the program installation if required, see advisory for instructions. references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Thermo-Calc product: Thermo-Calc cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - 2018a and earlier cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/ notes: Use the program as normal references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Thermo Fisher Scientific product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Thomson Reuters product: HighQ Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - <3.5 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://highqsolutions.zendesk.com notes: Reported by vendor - Documentation is in vendor's client portal (login required). This advisory is available to customer only and has not been reviewed by CISA. references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: ThreatLocker product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://threatlocker.kb.help/log4j-vulnerability/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: ThycoticCentrify product: Secret Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: Privilege Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: Account Lifecycle Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: Privileged Behavior Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: DevOps Secrets Vault cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: Connection Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: Password Reset Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: ThycoticCentrify product: Cloud Suite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - N/A cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md notes: '' references: - '' reporter: cisagov last_updated: '2021-12-10T00:00:00' - vendor: Tibco product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Top Gun Technology (TGT) product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.topgun-tech.com/technical-bulletin-apache-software-log4j-security-vulnerability-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: TopDesk product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://my.topdesk.com/tas/public/ssp/content/detail/knowledgeitem?unid=74952771dfab4b0794292e63b0409314 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Topicus Security product: Topicus KeyHub cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.topicus-keyhub.com/topicus-keyhub-is-not-vulnerable-to-cve-2021-44228/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-20T00:00:00' - vendor: Topix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.topix.de/de/technik/systemfreigaben.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Tosibox product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://helpdesk.tosibox.com/support/solutions/articles/2100050946-security-advisory-on-vulnerability-in-apache-log4j-library-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: TPLink product: Omega Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Linux/Windows(all) fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.tp-link.com/us/support/faq/3255 notes: 'Update is Beta. Reddit: overwritten vulnerable log4j with 2.15 files as potential workaround. Though that should now be done with 2.16' references: - '[Tp Community Link](https://community.tp-link.com/en/business/forum/topic/514452),[Reddit Link](https://www.reddit.com/r/TPLink_Omada/comments/rdzvlp/updating_the_sdn_to_protect_against_the_log4j)' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: TrendMicro product: All cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://success.trendmicro.com/solution/000289940 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Tricentis Tosca product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support-hub.tricentis.com/open?number=NEW0001148&id=post notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Tripwire product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.tripwire.com/log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Trimble product: eCognition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 10.2.0 Build 4618 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: [] notes: Remediation steps provided by Trimble references: - '' reporter: cisagov last_updated: '2021-12-23T00:00:00' - vendor: TrueNAS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.truenas.com/community/threads/log4j-vulnerability.97359/post-672559 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Tufin product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://portal.tufin.com/articles/SecurityAdvisories/Apache-Log4Shell-Vulnerability-12-12-2021 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: TYPO3 product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://typo3.org/article/typo3-psa-2021-004 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Ubiquiti product: UniFi Network Application cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.5.53 & lower versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Ubiquiti product: UniFi Network Controller cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.5.54 & lower versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e notes: '' references: - 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation for mitigatin log4j vulnerabilities by updating to log4j 2.16.0 reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Ubuntu product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://ubuntu.com/security/CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Umbraco product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: UniFlow product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.uniflow.global/en/security/security-and-maintenance/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Unify ATOS product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://networks.unify.com/security/advisories/OBSO-2112-01.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Unimus product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.unimus.net/viewtopic.php?f=7&t=1390#top notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: UiPath product: InSights cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - '20.10' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.uipath.com/legal/trust-and-security/cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: USSIGNAL MSP product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://ussignal.com/blog/apache-log4j-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: VArmour product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Varian product: Acuity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: DITC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ARIA Connect (Cloverleaf) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ARIA oncology information system for Medical Oncology cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: XMediusFax for ARIA oncology information system for Medical Oncology cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ARIA oncology information system for Radiation Oncology cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ARIA eDOC cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: XMediusFax for ARIA oncology information system for Radiation Oncology cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ARIA Radiation Therapy Management System (RTM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Bravos Console cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Clinac cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Cloud Planner cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: DoseLab cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Eclipse treatment planning software cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ePeerReview cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Ethos cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: FullScale oncology IT solutions cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Halcyon system cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Identify cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Information Exchange Manager (IEM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: InSightive Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Large Integrated Oncology Network (LION) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ICAP cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Mobius3D platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: ProBeam cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Qumulate cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Real-time Position Management (RPM) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Respiratory Gating for Scanners (RGSC) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: SmartConnect solution cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: 'See Knowledge Article: 000038850 on MyVarian' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: SmartConnect solution Policy Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: 'See Knowledge Articles: 000038831 and 000038832 on MyVarian' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: PaaS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: TrueBeam radiotherapy system cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: UNIQUE system cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Varian Authentication and Identity Server (VAIS) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Varian Managed Services Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: - All fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Varian Mobile App cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - '2.0' - '2.5' cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: VariSeed cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Velocity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: VitalBeam radiotherapy system cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varian product: Vitesse cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Varnish Software product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.varnish-software.com/security/CVE-2021-44228-45046/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Varonis product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.varonis.com/s/article/Apache-Log4j-Zero-Day-Vulnerability-CVE-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Veeam product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.veeam.com/kb4254 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Venafi product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.venafi.com/hc/en-us/articles/4416213022733-Log4j-Zero-Day-Vulnerability-notice notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Veritas NetBackup product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.veritas.com/content/support/en_US/article.100052070 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Vertica product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.vertica.com/discussion/242512/vertica-security-bulletin-a-potential-vulnerability-has-been-identified-apache-log4j-library-used notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Viso Trust product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.visotrust.com/viso-trust-statement-re-cve-2021-44228-log4j-a4b9b5767492 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: VMware product: API Portal for VMware Tanzu cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: App Metrics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: Healthwatch for Tanzu Application Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.x - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: Single Sign-On for VMware Tanzu Application Service cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: Spring Cloud Gateway for Kubernetes cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: Spring Cloud Gateway for VMware Tanzu cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: Spring Cloud Services for VMware Tanzu cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Carbon Black Cloud Workload Appliance cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Carbon Black EDR Server cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 7.x - 6.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Cloud Foundation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.x - 3.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware HCX cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.x - 3.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Horizon cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.x - 7.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '[VMware KB 87073 (vmware.com)](https://kb.vmware.com/s/article/87073)' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: VMware product: VMware Horizon Cloud Connector cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.x - 2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Horizon DaaS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 9.1.x - 9.0.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Identity Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.3.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware NSX-T Data Centern cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.x - 2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Site Recovery Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Tanzu Application Service for VMs cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Tanzu GemFire cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 9.x - 8.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Tanzu Greenplum cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Tanzu Kubernetes Grid Integrated Edition cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Tanzu Observability by Wavefront Nozzle cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 3.x - 2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Tanzu Operations Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Tanzu SQL with MySQL for VMs cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.x - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Telco Cloud Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.x - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Unified Access Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 21.x - 20.x - 3.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware vCenter Cloud Gateway cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: vCenter Server - OVA cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 7.x - 6.7.x - 6.5.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '[Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081 )' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: VMware product: vCenter Server - Windows cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.7.x - 6.5.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '[Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096 )' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: VMware product: VMware vRealize Automation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.x - 7.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware vRealize Lifecycle Manager cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware vRealize Log Insight cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware vRealize Operations cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware vRealize Operations Cloud Proxy cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - Any fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware vRealize Orchestrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 8.x - 7.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Workspace ONE Access cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 21.x - 20.10.x fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: VMware product: VMware Workspace ONE Access Connector (VMware Identity Manager Connector) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 21.x - 20.10.x - 19.03.0.1 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vmware.com/security/advisories/VMSA-2021-0028.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-12T00:00:00' - vendor: Vyaire product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.vyaire.com/sites/us/files/2021-12/2021-12-15-product-security-bulletin-for-log4shell-vulnerability.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: WAGO product: WAGO Smart Script cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.2.x < 4.8.1.3 fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.wago.com/de/automatisierungstechnik/psirt#log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Wallarm product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://lab.wallarm.com/cve-2021-44228-mitigation-update/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Wasp Barcode technologies product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: WatchGuard product: Secplicity cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Western Digital product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: WIBU Systems product: CodeMeter Keyring for TIA Portal cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 1.30 and prior fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf notes: Only the Password Manager is affected references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: WIBU Systems product: CodeMeter Cloud Lite cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 2.2 and prior fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: WindRiver product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: WireShark product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://gitlab.com/wireshark/wireshark/-/issues/17783 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Wistia product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.wistia.com/incidents/jtg0dfl5l224 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: WitFoo product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: WordPress product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://wordpress.org/support/topic/is-the-log4j-vulnerability-an-issue/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Worksphere product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.worksphere.com/product/security-update-on-log4j-cve-2021-44228 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Wowza product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: WSO2 product: WSO2 Enterprise Integrator cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 6.1.0 and above fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://docs.wso2.com/pages/viewpage.action?pageId=180948677 notes: A temporary mitigation is available while vendor works on update references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: XCP-ng product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://xcp-ng.org/forum/topic/5315/log4j-vulnerability-impact notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: XenForo product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://xenforo.com/community/threads/psa-potential-security-vulnerability-in-elasticsearch-5-via-apache-log4j-log4shell.201145/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Xerox product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://security.business.xerox.com/wp-content/uploads/2021/12/Xerox-Special-Bulletin-Regarding-CVE-2021-44228.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: XPertDoc product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://kb.xpertdoc.com/pages/viewpage.action?pageId=87622727 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: XPLG product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xplg.com/log4j-vulnerability-exploit-log4shell-xplg-secure/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: XWIKI product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://forum.xwiki.org/t/log4j-cve-2021-44228-log4shell-zero-day-vulnerability/9557 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Xylem product: Aquatalk cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Avensor cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus Analytics cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus Automation Control Configuration change complete cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus Cathodic Protection Mitigation in process Mitigation in process cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus FieldLogic LogServer cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus Lighting Control cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus NetMetrics Configuration change complete cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus RNI Saas cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.7 through 4.10 - 4.4 through 4.6 - '4.2' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus RNI On Prem cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - 4.7 through 4.10 - 4.4 through 4.6 - '4.2' fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Sensus SCS cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Smart Irrigation cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Water Loss Management (Visenti) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Configuration change complete cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Xylem Cloud cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Xylem product: Xylem Edge Gateway (xGW) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: Yellowbrick product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: YellowFin product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: YOKOGAWA product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-22T00:00:00' - vendor: YSoft SAFEQ product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zabbix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: ZAMMAD product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zaproxy product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zebra product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zebra.com/us/en/support-downloads/lifeguard-security/cve-2021-442280-dubbed-log4shell-or-logjam-vulnerability.html notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zendesk product: All Products cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: - All Versions fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.zendesk.com/hc/en-us/articles/4413583476122 notes: Zendesk products are all cloud-based; thus there are no updates for the customers to install as the company is working on patching their infrastructure and systems. references: - '' reporter: cisagov last_updated: '2021-12-13T00:00:00' - vendor: Zenoss product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.zenoss.com/hc/en-us notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zentera Systems, Inc. product: CoIP Access Platform cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - All cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.zentera.net/hc/en-us/articles/4416227743511--CVE-2021-44228-Log4Shell-Vulnerability-in-Apache-Log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-17T00:00:00' - vendor: Zerto product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://help.zerto.com/kb/000004822 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zesty product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zesty.io/mindshare/company-announcements/log4j-exploit/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zimbra product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://bugzilla.zimbra.com/show_bug.cgi?id=109428 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zix product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://status.appriver.com/ notes: '' references: - '' reporter: cisagov last_updated: '2021-12-16T00:00:00' - vendor: Zoom product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: ZPE systems Inc product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://support.zpesystems.com/portal/en/kb/articles/is-nodegrid-os-and-zpe-cloud-affected-by-cve-2021-44228-apache-log4j notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zscaler product: See Link (Multiple Products) cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://trust.zscaler.com/posts/9581 notes: '' references: - '' reporter: cisagov last_updated: '2021-12-15T00:00:00' - vendor: Zyxel product: '' cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://www.zyxel.com/support/Zyxel_security_advisory_for_Apache_Log4j_RCE_vulnerability.shtml notes: '' references: - '' reporter: cisagov last_updated: '2021-12-30T19:06:35+00:00' - vendor: Zyxel product: Security Firewall/Gateways cves: cve-2021-4104: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-44228: investigated: true affected_versions: [] fixed_versions: [] unaffected_versions: - ZLD Firmware Security Services - Nebula cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] cve-2021-45105: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] vendor_links: - https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability notes: '' references: - '' reporter: cisagov last_updated: '2021-12-14T00:00:00' ...