1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-15 05:17:54 +00:00
log4j-affected-db/data/cisagov_A.yml
2022-02-16 14:27:07 -05:00

10494 lines
292 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
version: '1.0'
owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: ABB
product: AlarmInsight Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: B&R Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: Remote Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Abbott
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.abbott.com/policies/cybersecurity/apache-Log4j.html
notes: Details are shared with customers with an active RAP subscription.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Abbott
product: GLP Track System
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Track Sample Manager (TSM)
- Track Workflow Manager (TWM)
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.abbott.com/policies/cybersecurity/apache-Log4j.html
notes: Abbott will provide a fix for this in a future update expected in January
2022.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Abnormal Security
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://abnormalsecurity.com/blog/attackers-use-email-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellence Technologies
product: EBÜS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accellence.de/en/articles/cve-2021-44228-62
notes: EBÜS itself is not vulnerable to CVE-2021-44228. Although it includes several
3rd-party software setups, which may be affected.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellence Technologies
product: Vimacc
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accellence.de/en/articles/cve-2021-44228-62
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellion
product: Kiteworks
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v7.6 release
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/
notes: As a precaution, Kiteworks released a 7.6.1 Hotfix software update to address
the vulnerability. This patch release adds the mitigation for CVE-2021-44228
contained in the Solr package as recommended by Apache Solr group. Specifically,
it updates the Log4j library to a non-vulnerable version on CentOS 7 systems
as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"
to disable the possible attack vector on both CentOS 6 and CentOS 7.
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Accruent
product: Analytics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Asset Enterprise
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: BigCenter
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: EMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Evoco
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Expesite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Famis 360
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Lucernex
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Maintenance Connection
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Meridian
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Single Sign On (SSO, Central Auth)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: SiteFM3
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: SiteFM4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: Siterra
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: TMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: VxField
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: VxMaintain
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: VxObserve
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accruent
product: VxSustain
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accruent.com/apache_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acquia
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '11.7'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '12.5'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Files
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.6.2 onwards
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Infrastructure
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '3.5'
- 4.x
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Protect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '15'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Cyber Protection Home Office
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 2017 onwards
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: DeviceLock DLP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '9.0'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Files Connect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 10.7 onwards
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: MassTransit
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '8.1'
- '8.2'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: Snap Deploy
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '5'
- '6'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ActiveState
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.activestate.com/blog/activestate-statement-java-log4j-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: '360'
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: Agents
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: Application
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: IAST - ASP.NET
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: IAST - NodeJS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: IAST - PHP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acunetix
product: IAST-Java
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
notes: AcuSensor IAST module needs attention.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adaptec
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://ask.adaptec.com/app/answers/detail/a_id/17523/kw/log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Addigy
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://addigy.com/blog/addigy-and-apaches-log4j2-cve-2021-44228-status/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adeptia
product: Connect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '3.3'
- '3.4'
- '3.5'
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adeptia
product: Suite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 6.9.9
- 6.9.10
- 6.9.11
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Automated Forms Conversion Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: ColdFusion
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.3 Forms on JEE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All versions from 6.3 GA to 6.3.3
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.4 Forms Designer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.4 Forms on JEE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All versions from 6.4 GA to 6.4.8
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.5 Forms Designer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager 6.5 Forms on JEE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All versions from 6.5 GA to 6.5.11
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager Forms on OSGi
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe
product: Experience Manager Forms Workbench
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ADP
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Advanced Micro Devices (AMD)
product: All
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034
notes: ''
references:
- ''
last_updated: '2022-02-02T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: Active MFT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: AFHCAN Global LLC
product: AFHCANcart
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANmobile
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANServer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANsuite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANupdate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANweb
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Agilysys
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ahsay
product: Mobile
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 1.6+
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ahsay
product: Other products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- version 8.5.4.86 (and above)
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ahsay
product: PRD
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- '2.0'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AIL
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://twitter.com/ail_project/status/1470373644279119875
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Akamai
product: Enterprise Application Access (EAA) Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Akamai
product: SIEM Integration Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- <1.7.4
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes
notes: Akamai SIEM Integration Connector is vulnerable to CVE-2021-44228, CVE-2021-45046
and CVE-2021-45105.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Akamai
product: SIEM Splunk Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 1.4.10
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes
notes: Akamai SIEM Integration Connector for Splunk is not vulnerable to CVE-2021-44228.
Although it includes the vulnerable Log4J component, it is not used by the connector.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Alcatel
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://dokuwiki.alu4u.com/doku.php?id=log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alertus
product: Console
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 5.15.0
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alexion
product: Alexion CRM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://alexion.nl/blog/alexion-crm-niet-vatbaar-voor-log4shell
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alfresco
product: Alfresco
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://hub.alfresco.com/t5/alfresco-content-services-blog/cve-2021-44228-related-to-apache-log4j-security-advisory/ba-p/310717
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AlienVault
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://success.alienvault.com/s/article/are-USM-Anywhere-or-USM-Central-vulnerable-to-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
product: AmiSconnect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
product: Custo Diagnostics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '5.4'
- '5.6'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
product: JiveX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
product: Zorgbericht
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Work in progress, portion of customers may still be vulnerable. Actively
monitoring this issue, and are working on addressing it for any AMS services
which use Log4j2.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: API Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: Athena
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: Athena JDBC Driver
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: All versions vended to customers were not affected.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Linux 1
- '2'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon Linux 1 had aws apitools which were Java based but these were deprecated
in 2015 [AWS Forum](https://forums.aws.amazon.com/thread.jspa?threadID=323611).
AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2
and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS AppFlow
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS AppSync
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS Certificate Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS Certificate Manager Private CA
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS CloudHSM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 3.4.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: CloudHSM JCE SDK 3.4.1 or higher is not vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS CodeBuild
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS CodePipeline
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS Connect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Vendors recommend evaluating components of the environment outside of the
Amazon Connect service boundary, which may require separate/additional customer
mitigation.
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: Amazon
product: AWS Directory Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: Amazon
product: AWS DynamoDB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS ECS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: To help mitigate the impact of the open-source Apache Log4j2 utility (CVE-2021-44228
and CVE-2021-45046) security issues on customers containers, Amazon EKS, Amazon
ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch
will require customer opt-in to use, and disables JNDI lookups from the Log4J2
library in customers containers. These updates are available as an Amazon Linux
package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS,
and will be in supported AWS Fargate platform versions.
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS EKS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: To help mitigate the impact of the open-source Apache Log4j2 utility (CVE-2021-44228
and CVE-2021-45046) security issues on customers containers, Amazon EKS, Amazon
ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch
will require customer opt-in to use, and disables JNDI lookups from the Log4J2
library in customers containers. These updates are available as an Amazon Linux
package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS,
and will be in supported AWS Fargate platform versions.
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Elastic Beanstalk
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Default configuration of applications usage of Log4j versions is not vulnerable.
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS ElastiCache
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS ELB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Fargate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Opt-in hot-patch to mitigate the Log4j issue in JVM layer will be available
as platform versions.
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Glue
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Has been updated. Vulnerable only if ETL jobs load affected versions of
Apache Log4j.
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Greengrass
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Updates for all Greengrass V2 components Stream Manager (2.0.14) and Secure
Tunneling (1.0.6) are available. For Greengrass versions 1.10.x and 1.11.x,
an update for the Stream Manager feature is included in Greengrass patch versions
1.10.5 and 1.11.5.
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Inspector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS IoT SiteWise Edge
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Updates for all AWS IoT SiteWise Edge components that use Log4j were made
available; OPC-UA collector (v2.0.3), Data processing pack (v2.0.14), and Publisher
(v2.0.2).
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS Kinesis Data Streams
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: We are actively patching all sub-systems that use Log4j2 by applying updates.
The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library
(KPL) are not impacted. For customers using KCL 1.x, we have released an updated
version and we strongly recommend that all KCL version 1.x customers upgrade
to KCL version 1.14.5 (or higher). KCL 2.x, KCL 1.14.5 or higher, and KPL are
not vulnerable.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS KMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS Lambda
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: Vulnerable when using aws-lambda-java-log4j2.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS Polly
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS QuickSight
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS RDS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified
in CVE-2021-44228.
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS S3
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS SDK
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS Secrets Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS Service Catalog
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS SNS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon SNS systems that serve customer traffic are patched against the
Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate
separately from SNSs systems that serve customer traffic.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS SQS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS Systems Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS Systems Manager Agent
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS Textract
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: Chime
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon Chime and Chime SDK services have been updated to mitigate the issues
identified in CVE-2021-44228 and CVE-2021-45046.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Cloud Directory
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: CloudFront
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: CloudWatch
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Cognito
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Corretto
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: 10/19 release distribution does not include Log4j. Vulnerable only if customers
applications use affected versions of Apache Log4j.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: DocumentDB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: EC2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Packages for Amazon Linux 1 and 2 not affected, package for Amazon Linux
2022 is affected.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: ECR Public
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon-owned images published under a Verified Account on Amazon ECR Public
are not affected by the Log4j issue.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: Elastic Load Balancing
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Services have been updated. All Elastic Load Balancers, as well as Classic,
Application, Network and Gateway, are not affected by this Log4j issue.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: EMR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Many customers are estimated to be vulnerable. Vulnerable only if affected
EMR releases are used and untrusted sources are configured to be processed.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: EventBridge
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Fraud Detector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Inspector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Inspector Classic
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Kafka (MSK)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Applying updates as required, portion of customers may still be vulnerable.
Some MSK-specific service components use Log4j > 2.0.0 library and are being
patched where needed.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Kendra
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Keyspaces (for Apache Cassandra)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Kinesis
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Kinesis Data Analytics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Lake Formation
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Update in progress, portion of customers may still be vulnerable. AWS Lake
Formation service hosts are being updated to the latest version of Log4j.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Lex
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Linux (AL1)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: By default not vulnerable. Opt-in hot-patch to mitigate the Log4j in JVM
layer issue is available.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Linux (AL2)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: By default not vulnerable, and a new version of Amazon Kinesis Agent which
is part of AL2 addresses the Log4j issue. Opt-in hot-patch to mitigate the Log4j
issue in JVM layer is available.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Lookout for Equipment
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Macie
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Macie Classic
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Managed Workflows for Apache Airflow (MWAA)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: MemoryDB for Redis
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Monitron
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: MQ
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Neptune
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: NICE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Recommended to update EnginFrame or Log4j library.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: OpenSearch
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- R20211203-P2
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: Update released, customers need to update their clusters to the fixed release.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Pinpoint
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: RDS Aurora
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: RDS for Oracle
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Redshift
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Rekognition
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Route 53
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: SageMaker
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Completed patching for the Apache Log4j2 issue (CVE-2021-44228). Vulnerable
only if customers applications use affected versions of Apache Log4j.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Simple Notification Service (SNS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Systems that serve customer traffic are patched against the Log4j2 issue.
Working to apply the patch to sub-systems that operate separately from SNSs
systems that serve customer traffic.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Simple Queue Service (SQS)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Simple Workflow Service (SWF)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Single Sign-On
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Step Functions
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Timestream
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Translate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/translate/
notes: Service not identified on [AWS Log4j Security Bulletin](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/)
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: VPC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: WorkSpaces/AppStream 2.0
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Not affected with default configurations. WorkDocs Sync client versions
1.2.895.1 and older within Windows WorkSpaces, which contain the Log4j component,
are vulnerable; For update instruction, see source for more info.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AMD
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034
notes: Currently, no AMD products have been identified as affected. AMD is continuing
its analysis.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Anaconda
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 4.10.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.conda.io/projects/conda/en/latest/index.html
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: AOMEI
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.aomeitech.com/forum/index.php?p=/discussion/7651/aomei-and-log4j
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: ActiveMQ Artemis
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://activemq.apache.org/news/cve-2021-44228
notes: ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17
is included in the Hawtio-based web console application archive (i.e. [web/console.war/WEB-INF/lib](web/console.war/WEB-INF/lib)).
Although this version of Log4j is not impacted by CVE-2021-44228 future versions
of Artemis will be updated so that the Log4j jar is no longer included in the
web console application archive. See [ARTEMIS-3612](https://issues.apache.org/jira/browse/ARTEMIS-3612)
for more information on that task.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: Airflow
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Airflow is written in Python
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Archiva
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 2.2.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 2.2.6.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Camel
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: Apache Camel does not directly depend on Log4j 2, so we are not affected
by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own
applications, make sure to upgrade.Apache Camel does use log4j during testing
itself, and therefore you can find that we have been using log4j v2.13.3 release
in our latest LTS releases Camel 3.7.6, 3.11.4.
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel 2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel JBang
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <=3.1.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel K
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel Kafka Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel Karaf
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: The Karaf team is aware of this and are working on a new Karaf 4.3.4 release
with updated log4j.
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel Quarkus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Cassandra
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://lists.apache.org/thread/2rngylxw8bjos6xbo1krp29m9wn2hhdr
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Druid
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 0.22.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/apache/druid/releases/tag/druid-0.22.1
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Apache
product: Dubbo
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/apache/dubbo/issues/9380
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Apache
product: Flink
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.15.0
- 1.14.2
- 1.13.5
- 1.12.7
- 1.11.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://flink.apache.org/2021/12/10/log4j-cve.html
notes: To clarify and avoid confusion, the 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5 releases,
which were supposed to only contain a Log4j upgrade to 2.15.0, were skipped
because CVE-2021-45046 was discovered during the release publication. The new
1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade for Log4j
to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046.
references:
- '[https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html](https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html)'
last_updated: '2021-12-12T00:00:00'
- vendor: Apache
product: Fortress
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 2.0.7
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 2.0.7.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Geode
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.14.0
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 1.12.6, 1.13.5, 1.14.1.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Guacamole
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Hadoop
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: HBase
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Hive
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 4.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: James
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.6.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Jena
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 4.3.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: JMeter
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: JSPWiki
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 2.11.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Kafka
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://kafka.apache.org/cve-list
notes: Uses Log4j 1.2.17.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Log4j 1.x
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logging.apache.org/log4j/2.x/security.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Log4j 2.x
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 2.17.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logging.apache.org/log4j/2.x/security.html
notes: Fixed in Log4j 2.17.1 (Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6).
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Maven
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: NiFi
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 1.15.1, 1.16.0.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: OFBiz
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 18.12.03
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Ozone
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 1.2.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Fixed in 1.15.1, 1.16.0.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: SkyWalking
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 8.9.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: SOLR
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 7.4.0 to 7.7.3
- 8.0.0 to 8.11.0
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
notes: Fixed in 8.11.1, Versions before 7.4 also vulnerable when using several
configurations.
references:
- '[Apache Solr 8.11.1 downloads](https://solr.apache.org/downloads.html)'
last_updated: '2021-12-16T00:00:00'
- vendor: Apache
product: Spark
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: Uses log4j 1.x
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Struts
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 2.5.28
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Struts 2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Versions before 2.5.28.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://struts.apache.org/announce-2021
notes: The Apache Struts group is pleased to announce that Struts 2.5.28.1 is
available as a General Availability release. The GA designation is our highest
quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by
using the latest Log4j 2.12.2 version (Java 1.7 compatible).
references:
- '[Apache Struts Release Downloads](https://struts.apache.org/download.cgi#struts-ga)'
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: Tapestry
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 5.7.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Tika
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 2.0.0 and up
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Tomcat
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tomcat.apache.org/security-9.html
notes: Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications
deployed on Apache Tomcat may have a dependency on log4j. You should seek support
from the application vendor in this instance. It is possible to configure Apache
Tomcat 9.0.x to use log4j 2.x for Tomcats internal logging. This requires explicit
configuration and the addition of the log4j 2.x library. Anyone who has switched
Tomcats internal logging to log4j 2.x is likely to need to address this vulnerability.
In most cases, disabling the problematic feature will be the simplest solution.
Exactly how to do that depends on the exact version of log4j 2.x being used.
Details are provided on the [log4j 2.x security page](https://logging.apache.org/log4j/2.x/security.html)
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: TrafficControl
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: ZooKeeper
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blogs.apache.org/security/entry/cve-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: APC by Schneider Electric
product: Powerchute Business Edition
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v9.5
- v10.0.1
- v10.0.2
- v10.0.3
- v10.0.4
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345
notes: Mitigation instructions to remove the affected class.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: APC by Schneider Electric
product: Powerchute Network Shutdown
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '4.2'
- '4.3'
- '4.4'
- 4.4.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345
notes: Mitigation instructions to remove the affected class.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Apereo
product: CAS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 6.3.x
- 6.4.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://apereo.github.io/2021/12/11/log4j-vuln/
notes: Other versions still in active maintainance might need manual inspection.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apereo
product: Opencast
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 9.10
- < 10.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apigee
product: Edge and OPDK products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.apigee.com/incidents/3cgzb0q2r10p
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apollo
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.apollographql.com/t/log4j-vulnerability/2214
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appdynamics
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appeon
product: PowerBuilder
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Appeon PowerBuilder 2017-2021 regardless of product edition
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.appeon.com/index.php/qna/q-a/apache-log4j-security-vulnerabilities
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: AppGate
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.appgate.com/blog/appgate-sdp-unaffected-by-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appian
product: Appian Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.appian.com/support/w/kb/2511/kb-2204-information-about-the-log4j2-security-vulnerabilities-cve-2021-44228-cve-2021-45046
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Application Performance Ltd
product: DBMarlin
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: APPSHEET
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aptible
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Search 5.x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aqua Security
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arbiter Systems
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arbiter.com/news/index.php?id=4403
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: ARC Informatique
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1141-security-bulletin-2021-1
notes: ''
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Arca Noae
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arcanoae.com/apache-log4j-vulnerability-cve-2021-44228/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arcserve
product: Arcserve Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve Continuous Availability
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve Email Archiving
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve UDP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 6.5-8.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: ShadowProtect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: ShadowXafe
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Solo
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: StorageCraft OneXafe
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: ArcticWolf
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://arcticwolf.com/resources/blog/log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arduino
product: IDE
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 1.8.17
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ariba
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://connectsupport.ariba.com/sites#announcements-display&/Event/908469
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: Analytics Node for Converged Cloud Fabric
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '>7.0.0'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: Formerly Big Cloud Fabric
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: Analytics Node for DANZ Monitoring Fabric
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '>7.0.0'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: Formerly Big Monitoring Fabric
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: CloudVision Portal
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '>2019.1.0'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: CloudVision Wi-Fi, virtual or physical appliance
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '>8.8'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: Embedded Analytics for Converged Cloud Fabric
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '>5.3.0'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: Formerly Big Cloud Fabric
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: AirWave Management Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Analytics and Location Engine
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ArubaOS SD-WAN Gateways
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ArubaOS Wi-Fi Controllers and Gateways
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ArubaOS-CX Switches
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ArubaOS-S Switches
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Central
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Central On-Prem
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ClearPass Policy Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: EdgeConnect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Fabric Composer (AFC)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: HP ProCurve Switches
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Instant
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Instant Access Points
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Instant On
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: IntroSpect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Versions 2.5.0.0 to 2.5.0.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Legacy GMS Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Legacy NX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Legacy VRX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Legacy VX
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: NetEdit
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Plexxi Composable Fabric Manager (CFM)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: Silver Peak Orchestrator
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: User Experience Insight (UXI)
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: VIA Clients
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ataccama
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ataccama.com/files/log4j2-vulnerability-cve-2021-44228-fix.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atera
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.reddit.com/r/atera/comments/rh7xb1/apache_log4j_2_security_advisory_update/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Bamboo Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- On Prem
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: Only vulnerable when using non-default config, cloud version fixed.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Bitbucket Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- On prem
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product is not vulnerable to remote code execution but may leak information
due to the bundled Elasticsearch component being vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- On prem
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: Only vulnerable when using non-default config, cloud version fixed.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS CSAT Pro
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- v1.7.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS WorkBench
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Lite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- v4.13.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Pro Assessor v3 Full and Dissolvable
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- v3.0.77
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Pro Assessor v4
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- v4.13.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Pro Assessor v4 Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- v1.13.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-CAT Pro Dashboard
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence-CIS-Hosted CSAT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Crowd Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- On prem
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Crucible
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- On prem
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Fisheye
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- On prem
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Jira Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- On prem
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Attivo Networks
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atvise
product: All
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen
notes: The security vulnerability does NOT affect our applications and products
or pose any threat. This applies to all Bachmann applications and products,
including atvise solutions.
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: AudioCodes
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://services.audiocodes.com/app/answers/kbdetail/a_id/2225
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Autodesk
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html
notes: Autodesk is continuing to perform a thorough investigation in relation
to the recently discovered Apache Log4j security vulnerabilities. We continue
to implement several mitigating factors for our products including patching,
network firewall blocks, and updated detection signatures to reduce the threat
of this vulnerability and enhance our ability to quickly respond to potential
malicious activity. We have not identified any compromised systems in the Autodesk
environment due to this vulnerability, at this time. This is an ongoing investigation
and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview).
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Automation Anywhere
product: Automation 360 Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302
notes: This advisory is available to customer only and has not been reviewed by
CISA.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Automation Anywhere
product: Automation 360 On Premise
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- ''
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302
notes: This advisory is available to customer only and has not been reviewed by
CISA.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Automation Anywhere
product: Automation Anywhere
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 11.x
- <11.3x
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302
notes: This advisory is available to customer only and has not been reviewed by
CISA.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Automox
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.automox.com/log4j-critical-vulnerability-scores-a-10
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Autopsy
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.autopsy.com/autopsy-and-log4j-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Auvik
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.auvik.com/incidents/58bfngkz69mj
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Avantra SYSLINK
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Avaya
product: Avaya Analytics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.5'
- '3.6'
- 3.6.1
- '3.7'
- '4'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura Application Enablement Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 8.1.3.2
- 8.1.3.3
- '10.1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020551u](https://download.avaya.com/css/public/documents/101079386)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura Contact Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.0.2
- 7.0.3
- '7.1'
- 7.1.1
- 7.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura Device Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '8'
- 8.0.1
- 8.0.2
- '8.1'
- 8.1.3
- 8.1.4
- 8.1.5
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura for OneCloud Private
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: Avaya is scanning and monitoring its OneCloud Private environments as part
of its management activities. Avaya will continue to monitor this fluid situation
and remediations will be made as patches become available, in accordance with
appropriate change processes.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura Media Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 8.0.0
- 8.0.1
- 8.0.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020549u](https://download.avaya.com/css/secure/documents/101079316)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura Presence Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
- 7.1.2
- '8'
- 8.0.1
- 8.0.2
- '8.1'
- 8.1.1
- 8.1.2
- 8.1.3
- 8.1.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura Session Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
- 7.1.3
- '8'
- 8.0.1
- '8.1'
- 8.1.1
- 8.1.2
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020550u](https://download.avaya.com/css/public/documents/101079384)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura System Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN005565u](https://download.avaya.com/css/secure/documents/101079390)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura Web Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.11[P]
- 3.8.1[P]
- 3.8[P]
- 3.9.1[P]
- 3.9[P]
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Breeze
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.7'
- '3.8'
- 3.8.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Contact Center Select
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.0.2
- 7.0.3
- '7.1'
- 7.1.1
- 7.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya CRM Connector - Connected Desktop
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '2.2'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Device Enablement Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.1.22
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Meetings
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 9.1.10
- 9.1.11
- 9.1.12
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya OneCloud-Private
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '2'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya OneCloud-Private-UCaaS - Mid Market Aura
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Session Border Controller for Enterprise
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 8.0.1
- '8.1'
- 8.1.1
- 8.1.2
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020554u](https://download.avaya.com/css/public/documents/101079394)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Social Media Hub
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ''
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Workforce Engagement
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '5.3'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Business Rules Engine
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.4'
- '3.5'
- '3.6'
- '3.7'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Callback Assist
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '5'
- 5.0.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Control Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 9.0.2
- 9.0.2.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Device Enrollment Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Equinox Conferencing
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 9.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Interaction Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.3.9
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: IP Office Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 11.0.4
- '11.1'
- 11.1.1
- 11.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Proactive Outreach Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.1.2
- 3.1.3
- '4'
- 4.0.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: AVEPOINT
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.avepoint.com/company/java-zero-day-vulnerability-notification
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AVM
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- ''
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C
notes: devices, firmware, software incl. MyFritz Service.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AvTech RoomAlert
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://avtech.com/articles/23124/java-exploit-room-alert-link/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AXIS
product: OS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.axis.com/axis-os
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AXON
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://my.axon.com/s/trust/response-to-log4j2-vuln?language=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AXS Guard
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Axways Applications
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.axway.com/news/1331/lang/en
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
...