mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-09 18:37:55 +00:00
580 lines
16 KiB
YAML
580 lines
16 KiB
YAML
---
|
|
version: '1.0'
|
|
owners:
|
|
- name: cisagov
|
|
url: https://github.com/cisagov/log4j-affected-db
|
|
software:
|
|
- vendor: Yahoo
|
|
product: Vespa
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45105:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
vendor_links:
|
|
- https://blog.vespa.ai/log4j-vulnerability/
|
|
notes: Your Vespa application may still be affected if log4j is included in your application package.
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Yellowbrick
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: YellowFin
|
|
product: All
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- '8.0.10.3, 9.7.0.2'
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2
|
|
notes: v7 and v6 releases are not affected unless you have manually upgraded to Log4j2.
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Yenlo
|
|
product: Connext
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- '2.x'
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/
|
|
notes: Connext Platform (Managed WSO2 Cloud) and all underlying middleware components are not vulnerable.
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: YOKOGAWA
|
|
product: CENTUM VP
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: CENTUM VP (other components)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is still under investigation.
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: CI Server
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: Exaopc
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: Exaplog
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: Exaquantum
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: FAST/TOOLS
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: PRM
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: ProSafe-RS
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: ProSafe-RS Lite
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: STARDOM
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YOKOGAWA
|
|
product: VTSPortal
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: YSoft
|
|
product: SAFEQ 4
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-02-01T07:18:50+00:00'
|
|
- vendor: YSoft
|
|
product: SAFEQ 5
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-02-01T07:18:50+00:00'
|
|
- vendor: YSoft
|
|
product: SAFEQ 6
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions: []
|
|
fixed_versions:
|
|
- '<=6.0.63'
|
|
unaffected_versions:
|
|
- ''
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-02-01T07:18:50+00:00'
|
|
...
|