mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-17 06:17:55 +00:00
45 lines
3.6 KiB
Markdown
45 lines
3.6 KiB
Markdown
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
|
|
|
|
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
|
|
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
|
|
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
|
|
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
|
|
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
|
|
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
|
|
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
|
|
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
|
|
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
|
|
|
|
## Status Descriptions ##
|
|
|
|
| Status | Description |
|
|
| ------ | ----------- |
|
|
| Unknown | Status unknown. Default choice. |
|
|
| Affected | Reported to be affected by CVE-2021-44228. |
|
|
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
|
|
| Fixed | Patch and/or mitigations available (see provided links). |
|
|
| Under Investigation | Vendor investigating status. |
|
|
|
|
## Software List ##
|
|
|
|
This list has been populated using information from the following sources:
|
|
|
|
- Kevin Beaumont
|
|
- SwitHak
|
|
- National Cyber Security Centre - Netherlands (NCSC-NL)
|
|
|
|
NOTE: This file is automatically generated. To submit updates, please refer to
|
|
[`CONTRIBUTING.md`](CONTRIBUTING.md).
|
|
|
|
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
|
|
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
|
|
| Ubiquiti | UniFi Network Application | 6.5.53 & lower versions | | Affected | [link](https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Ubiquiti | UniFi Network Controller | 6.5.54 & lower versions | | Affected | [link](https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e) | | 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation for mitigatin log4j vulnerabilities by updating to log4j 2.16.0 | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
|
| Ubuntu | | | | Unknown | [link](https://ubuntu.com/security/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| UiPath | InSights | 20.10 | | Affected | [link](https://www.uipath.com/legal/trust-and-security/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
|
| Umbraco | | | | Unknown | [link](https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| UniFlow | | | | Unknown | [link](https://www.uniflow.global/en/security/security-and-maintenance/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Unify ATOS | | | | Unknown | [link](https://networks.unify.com/security/advisories/OBSO-2112-01.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Unimus | | | | Unknown | [link](https://forum.unimus.net/viewtopic.php?f=7&t=1390#top) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| USSIGNAL MSP | | | | Unknown | [link](https://ussignal.com/blog/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|