mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-21 16:20:46 +00:00
1905279e0a
Add the files that were updated as part of the reintegration process. This process involved rebasing back to the original YAML conversion, updating those files, and then stepping through the rebase to integrate changes that have been made since.
1357 lines
37 KiB
YAML
1357 lines
37 KiB
YAML
---
|
|
version: '1.0'
|
|
owners:
|
|
- name: cisagov
|
|
url: https://github.com/cisagov/log4j-affected-db
|
|
software:
|
|
- vendor: Objectif Lune
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://learn.objectiflune.com/blog/security/statement-on-log4j-vulnerability-cve-2021-4428/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OCLC
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://oclc.service-now.com/status
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Octopus
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://advisories.octopus.com/adv/December.2306508680.html
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Okta
|
|
product: Advanced Server Access
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta Access Gateway
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta AD Agent
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta Browser Plugin
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta IWA Web Agent
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta LDAP Agent
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta Mobile
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta On-Prem MFA Agent
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- < 1.4.6
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta RADIUS Server Agent
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- < 2.17.0
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta Verify
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Okta
|
|
product: Okta Workflows
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://sec.okta.com/articles/2021/12/log4shell
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-12T00:00:00'
|
|
- vendor: Onespan
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.onespan.com/remote-code-execution-vulnerability-in-log4j2-cve-2018-11776
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Opengear
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://opengear.zendesk.com/hc/en-us/articles/4412713339419-CVE-2021-44228-aka-Log4Shell-Opengear-products-are-not-affected
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OpenMRS TALK
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OpenNMS
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OpenSearch
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OpenText
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.opentext.com/support/log4j-remote-code-execution-advisory
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-23T00:00:00'
|
|
- vendor: Opto 22
|
|
product: GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- < 4.3g
|
|
fixed_versions:
|
|
- 4.3g
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
|
|
notes: The Log4j vulnerability affects all products running groov View software
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-13T00:00:00'
|
|
- vendor: Opto 22
|
|
product: GROOV-AT1, GROOV-AT1-SNAP
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- < 4.3g
|
|
fixed_versions:
|
|
- 4.3g
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
|
|
notes: The Log4j vulnerability affects all products running groov View software
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-13T00:00:00'
|
|
- vendor: Opto 22
|
|
product: GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- < 4.3g
|
|
fixed_versions:
|
|
- 4.3g
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
|
|
notes: The Log4j vulnerability affects all products running groov View software
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-13T00:00:00'
|
|
- vendor: Opto 22
|
|
product: GRV-EPIC-PR1, GRV-EPIC-PR2
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- < 3.3.2
|
|
fixed_versions:
|
|
- 3.3.2
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit
|
|
notes: The Log4j vulnerability affects all products running groov View software
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-13T00:00:00'
|
|
- vendor: Oracle
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
|
|
notes: The support document is available to customers only and has not been reviewed
|
|
by CISA
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: Oracle
|
|
product: Enterprise Manager
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- '13.5'
|
|
- 13.4 & 13.3.2
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
|
|
notes: Patch status and other security guidance is restricted to Oracle account/support
|
|
members. The support document is available to customers only and has not been
|
|
reviewed by CISA.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: Oracle
|
|
product: Exadata
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- <21.3.4
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.oracle.com/security-alerts/alert-cve-2021-44228.html
|
|
notes: Patch status and other security guidance is restricted to Oracle account/support
|
|
members. The support document is available to customers only and has not been
|
|
reviewed by CISA.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: Orgavision
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.orgavision.com/neuigkeiten/sicherheitsluecke-java-library-log4j
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Osirium
|
|
product: PAM
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.osirium.com/blog/apache-log4j-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Osirium
|
|
product: PEM
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.osirium.com/blog/apache-log4j-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Osirium
|
|
product: PPA
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.osirium.com/blog/apache-log4j-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OTRS
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://portal.otrs.com/external
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OVHCloud
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://blog.ovhcloud.com/log4shell-how-to-protect-my-cloud-workloads/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OwnCloud
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://central.owncloud.org/t/owncloud-not-directly-affected-by-log4j-vulnerability/35493
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: OxygenXML
|
|
product: Author
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Developer
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Editor
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Oxygen Content Fusion
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- '2.0'
|
|
- '3.0'
|
|
- '4.1'
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Oxygen Feedback Enterprise
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- 1.4.4 & older
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Oxygen License Server
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- v22.1 to v24.0
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Oxygen PDF Chemistry
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- v22.1
|
|
- '23.0'
|
|
- '23.1'
|
|
- '24.0'
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Oxygen SDK
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Plugins (see advisory link)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Publishing Engine
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: Web Author
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
- vendor: OxygenXML
|
|
product: WebHelp
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links: []
|
|
notes: '[https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html)'
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-17T00:00:00'
|
|
...
|