mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-24 17:30:47 +00:00
1905279e0a
Add the files that were updated as part of the reintegration process. This process involved rebasing back to the original YAML conversion, updating those files, and then stepping through the rebase to integrate changes that have been made since.
273 lines
7.3 KiB
YAML
273 lines
7.3 KiB
YAML
---
|
|
version: '1.0'
|
|
owners:
|
|
- name: cisagov
|
|
url: https://github.com/cisagov/log4j-affected-db
|
|
software:
|
|
- vendor: Ubiquiti
|
|
product: UniFi Network Application
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- 6.5.53 & lower versions
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Ubiquiti
|
|
product: UniFi Network Controller
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- 6.5.54 & lower versions
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e
|
|
notes: ''
|
|
references:
|
|
- 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation
|
|
for mitigatin log4j vulnerabilities by updating to log4j 2.16.0
|
|
last_updated: '2021-12-15T00:00:00'
|
|
- vendor: Ubuntu
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://ubuntu.com/security/CVE-2021-44228
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: UiPath
|
|
product: InSights
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- '20.10'
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.uipath.com/legal/trust-and-security/cve-2021-44228
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-15T00:00:00'
|
|
- vendor: Umbraco
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: UniFlow
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.uniflow.global/en/security/security-and-maintenance/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Unify ATOS
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://networks.unify.com/security/advisories/OBSO-2112-01.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Unimus
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.unimus.net/viewtopic.php?f=7&t=1390#top
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: USSIGNAL MSP
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://ussignal.com/blog/apache-log4j-vulnerability
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
...
|