mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-18 23:07:54 +00:00
1905279e0a
Add the files that were updated as part of the reintegration process. This process involved rebasing back to the original YAML conversion, updating those files, and then stepping through the rebase to integrate changes that have been made since.
652 lines
18 KiB
YAML
652 lines
18 KiB
YAML
---
|
|
version: '1.0'
|
|
owners:
|
|
- name: cisagov
|
|
url: https://github.com/cisagov/log4j-affected-db
|
|
software:
|
|
- vendor: XCP-ng
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://xcp-ng.org/forum/topic/5315/log4j-vulnerability-impact
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: XenForo
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://xenforo.com/community/threads/psa-potential-security-vulnerability-in-elasticsearch-5-via-apache-log4j-log4shell.201145/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Xerox
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://securitydocs.business.xerox.com/wp-content/uploads/2021/12/Xerox-Special-Bulletin-XRX21-021-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.6.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: XPertDoc
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://kb.xpertdoc.com/pages/viewpage.action?pageId=87622727
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: XPLG
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xplg.com/log4j-vulnerability-exploit-log4shell-xplg-secure/
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: XWIKI
|
|
product: ''
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://forum.xwiki.org/t/log4j-cve-2021-44228-log4shell-zero-day-vulnerability/9557
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2022-01-12T07:18:50+00:00'
|
|
- vendor: Xylem
|
|
product: Aquatalk
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Avensor
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Configuration change complete
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus Analytics
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus Automation Control Configuration change complete
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus Cathodic Protection Mitigation in process Mitigation in process
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus FieldLogic LogServer
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus Lighting Control
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus NetMetrics Configuration change complete
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus RNI On Prem
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- 4.7 through 4.10
|
|
- 4.4 through 4.6
|
|
- '4.2'
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus RNI Saas
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: true
|
|
affected_versions:
|
|
- 4.7 through 4.10
|
|
- 4.4 through 4.6
|
|
- '4.2'
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Sensus SCS
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Smart Irrigation
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Water Loss Management (Visenti)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Xylem Cloud
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
- vendor: Xylem
|
|
product: Xylem Edge Gateway (xGW)
|
|
cves:
|
|
cve-2021-4104:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-44228:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45046:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
cve-2021-45105:
|
|
investigated: false
|
|
affected_versions: []
|
|
fixed_versions: []
|
|
unaffected_versions: []
|
|
vendor_links:
|
|
- https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
|
|
notes: ''
|
|
references:
|
|
- ''
|
|
last_updated: '2021-12-22T00:00:00'
|
|
...
|