1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-17 06:17:55 +00:00
log4j-affected-db/data/cisagov_W.yml
2022-02-03 11:47:22 -05:00

972 lines
26 KiB
YAML

---
version: '1.0'
owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: WAGO
product: WAGO Smart Script
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '4.2.x < 4.8.1.3'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.wago.com/de/automatisierungstechnik/psirt#log4j
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Wallarm
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://lab.wallarm.com/cve-2021-44228-mitigation-update/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wallix
product: Access Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.wallix.com/fr/support/alerts/
notes: Customer Portal for patch found in advisory. This patch is available to customer only and has not been reviewed by CISA.
references:
- ''
- vendor: Wasp Barcode technologies
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Watcher
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://twitter.com/felix_hrn/status/1470387338001977344
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: AuthPoint
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 'Cloud'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: Dimension
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: EDPR and Panda AD360
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: Firebox
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: System Manager, Dimension, and Panda AD360
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: Threat Detection and Response
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WatchGuard
product: Wi-Fi Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Cloud
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Western Digital
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WIBU Systems
product: CodeMeter Cloud Lite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '2.2 and prior'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: WIBU Systems
product: CodeMeter Keyring for TIA Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.30 and prior
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf
notes: Only the Password Manager is affected
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: WildFly
product: All
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '< 22'
- '> 26.0.0.Final'
- '>= 22'
- '<= 26.0.0.Beta1'
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://www.wildfly.org/news/2021/12/13/Log4j-CVEs/
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS17
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS18
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS19
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: LTS21
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wind River
product: WRL-6
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-7
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-8
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2
and JMSAppender components, however, JMSAppender is deactivated in the release
package and not affected by CVE-2021-4104 customers are advised to NOT manually
activate the JMSAppender component.
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: Wind River
product: WRL-9
cves:
cve-2021-4104:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45105:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
vendor_links:
- https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191
notes: ''
references:
- ''
last_updated: '2022-01-21T00:00:00'
- vendor: WireShark
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.wireshark.org/news/20211215.html
notes: ''
references:
- ''
last_updated: '2021-12-15T07:18:50+00:00'
- vendor: Wistia
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.wistia.com/incidents/jtg0dfl5l224
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WitFoo
product: Precinct
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions:
- '6.x'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/
notes: WitFoo Streamer & Apache Kafka Docker containers are/were vulnerable. See advisory.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WordPress
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://wordpress.org/support/topic/is-the-log4j-vulnerability-an-issue/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Worksphere
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.worksphere.com/product/security-update-on-log4j-cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Wowza
product: Streaming Engine
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '4.7.8'
- '4.8.x'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: WSO2
product: WSO2 Enterprise Integrator
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.1.0 and above
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.wso2.com/pages/viewpage.action?pageId=180948677
notes: A temporary mitigation is available while vendor works on update
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
...