mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-22 00:20:47 +00:00
ff14b54693
Generate the individual YAML files that are to be edited and then generate the initial comprehensive YAML file that is used to generate the Markdown file for display.
4996 lines
143 KiB
YAML
4996 lines
143 KiB
YAML
---
|
||
version: '1.0'
|
||
owners:
|
||
- name: cisagov
|
||
url: https://github.com/cisagov/log4j-affected-db
|
||
software:
|
||
- vendor: ABB
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://search.abb.com/library/Download.aspx?DocumentID=9ADB012621&LanguageCode=en&DocumentPartId=&Action=Launch
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: ABB
|
||
product: ABB Remote Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- ABB Remote Platform (RAP)
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links: []
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: ABB
|
||
product: AlarmInsight Cloud
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions:
|
||
- AlarmInsight KPI Dashboards 1.0.0
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links: []
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: ABB
|
||
product: B&R Products
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions:
|
||
- See Vendor Advisory
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Abbott
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.abbott.com/policies/cybersecurity/apache-Log4j.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Abnormal Security
|
||
product: Abnormal Security
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://abnormalsecurity.com/blog/attackers-use-email-log4j-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Accellence
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.accellence.de/en/articles/national-vulnerability-database-62
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Accellion
|
||
product: Kiteworks
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- v7.6 release
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/
|
||
notes: '"As a precaution, Kiteworks released a 7.6.1 Hotfix software update to
|
||
address the vulnerability. This patch release adds the mitigation for CVE-2021-44228
|
||
contained in the Solr package as recommended by Apache Solr group. Specifically,
|
||
it updates the Log4j library to a non-vulnerable version on CentOS 7 systems
|
||
as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true”
|
||
to disable the possible attack vector on both CentOS 6 and CentOS 7."'
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T00:00:00'
|
||
- vendor: Acquia
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Acronis
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://security-advisory.acronis.com/advisories/SEC-3859
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: ActiveState
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.activestate.com/blog/activestate-statement-java-log4j-vulnerability/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Adaptec
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://ask.adaptec.com/app/answers/detail/a_id/17523/kw/log4j
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Addigy
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://addigy.com/blog/addigy-and-apaches-log4j2-cve-2021-44228-status/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Adeptia
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Adobe ColdFusion
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: ADP
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AFAS Software
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://help.afas.nl/vraagantwoord/NL/SE/120439.htm
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AFHCAN Global LLC
|
||
product: AFHCANsuite
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 8.0.7 - 8.4.3
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://afhcan.org/support.aspx
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AFHCAN Global LLC
|
||
product: AFHCANServer
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 8.0.7 - 8.4.3
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://afhcan.org/support.aspx
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AFHCAN Global LLC
|
||
product: AFHCANcart
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 8.0.7 - 8.4.3
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://afhcan.org/support.aspx
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AFHCAN Global LLC
|
||
product: AFHCANweb
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 8.0.7 - 8.4.3
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://afhcan.org/support.aspx
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AFHCAN Global LLC
|
||
product: AFHCANmobile
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 8.0.7 - 8.4.3
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://afhcan.org/support.aspx
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AFHCAN Global LLC
|
||
product: AFHCANupdate
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 8.0.7 - 8.4.3
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://afhcan.org/support.aspx
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Agilysys
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Advanced Systems Concepts (formally Jscape)
|
||
product: Active MFT
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
|
||
notes: This advisory is available to customers only and has not been reviewed
|
||
by CISA
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Advanced Systems Concepts (formally Jscape)
|
||
product: MFT Server
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
|
||
notes: This advisory is available to customers only and has not been reviewed
|
||
by CISA
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Advanced Systems Concepts (formally Jscape)
|
||
product: MFT Gateway
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
|
||
notes: This advisory is available to customers only and has not been reviewed
|
||
by CISA
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Advanced Systems Concepts (formally Jscape)
|
||
product: MFT
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
|
||
notes: This advisory is available to customers only and has not been reviewed
|
||
by CISA
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Akamai
|
||
product: SIEM Splunk Connector
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- All
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://splunkbase.splunk.com/app/4310/
|
||
notes: v1.4.11 is the new recommendation for mitigation of log4j vulnerabilities
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Alcatel
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://dokuwiki.alu4u.com/doku.php?id=log4j
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Alertus
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Alexion
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://alexion.nl/blog/alexion-crm-niet-vatbaar-voor-log4shell
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Alfresco
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://hub.alfresco.com/t5/alfresco-content-services-blog/cve-2021-44228-related-to-apache-log4j-security-advisory/ba-p/310717
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AlienVault
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://success.alienvault.com/s/article/are-USM-Anywhere-or-USM-Central-vulnerable-to-CVE-2021-44228
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Alphatron Medical
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.alphatronmedical.com/home.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: Athena
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: AWS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- Linux 1
|
||
- '2'
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links: []
|
||
notes: 'Notes: Amazon Linux 1 had aws apitools which were Java based but these
|
||
were deprecated in 2015 [AWS Forum](https://forums.aws.amazon.com/thread.jspa?threadID=323611).
|
||
AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2
|
||
and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2'
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS API Gateway
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- All
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-20T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS CloudHSM
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- < 3.4.1.
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: AWS Connect
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- All
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: Vendors recommend evaluating components of the environment outside of the
|
||
Amazon Connect service boundary, which may require separate/additional customer
|
||
mitigation
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-23T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS Lambda
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- Unknown
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: AWS DynamoDB
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Unknown
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS ElastiCache
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Unknown
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS Inspector
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Unknown
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS RDS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Unknown
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified
|
||
in CVE-2021-44228
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-17T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS S3
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Unknown
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS SNS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Unknown
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: Amazon SNS systems that serve customer traffic are patched against the
|
||
Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate
|
||
separately from SNS’s systems that serve customer traffic
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS SQS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Unknown
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS EKS, ECS, Fargate
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- Unknown
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: To help mitigate the impact of the open-source Apache “Log4j2" utility
|
||
(CVE-2021-44228 and CVE-2021-45046) security issues on customers’ containers,
|
||
Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch).
|
||
This hot-patch will require customer opt-in to use, and disables JNDI lookups
|
||
from the Log4J2 library in customers’ containers. These updates are available
|
||
as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes
|
||
users on AWS, and will be in supported AWS Fargate platform versions
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS ELB
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- Unknown
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-16T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS Kinesis Data Stream
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- Unknown
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: We are actively patching all sub-systems that use Log4j2 by applying updates.
|
||
The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library
|
||
(KPL) are not impacted. For customers using KCL 1.x, we have released an updated
|
||
version and we strongly recommend that all KCL version 1.x customers upgrade
|
||
to KCL version 1.14.5 (or higher)
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Amazon
|
||
product: AWS Lambda
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- Unknown
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: CloudFront
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: CloudWatch
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: EC2
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- Amazon Linux 1 & 2
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Amazon
|
||
product: ELB
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: KMS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: OpenSearch
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- Unknown
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: RDS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: Route 53
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: S3
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: Translate
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/translate/
|
||
notes: Service not identified on [AWS Log4j Security Bulletin](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/)
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Amazon
|
||
product: VPC
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AMD
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034
|
||
notes: Currently, no AMD products have been identified as affected. AMD is continuing
|
||
its analysis.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: Anaconda
|
||
product: Anaconda
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 4.10.3
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://docs.conda.io/projects/conda/en/latest/index.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Apache
|
||
product: ActiveMQ Artemis
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://activemq.apache.org/news/cve-2021-44228
|
||
notes: ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17
|
||
is included in the Hawtio-based web console application archive (i.e. [web/console.war/WEB-INF/lib](web/console.war/WEB-INF/lib)).
|
||
Although this version of Log4j is not impacted by CVE-2021-44228 future versions
|
||
of Artemis will be updated so that the Log4j jar is no longer included in the
|
||
web console application archive. See [ARTEMIS-3612](https://issues.apache.org/jira/browse/ARTEMIS-3612)
|
||
for more information on that task.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Apache
|
||
product: Airflow
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.com/apache/airflow/tree/main/airflow
|
||
notes: Airflow is written in Python
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Apache
|
||
product: Camel
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 3.14.1.3.11.5
|
||
- 3.7.7
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://camel.apache.org/blog/2021/12/log4j2/
|
||
notes: Apache Camel does not directly depend on Log4j 2, so we are not affected
|
||
by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own
|
||
applications, make sure to upgrade.Apache Camel does use log4j during testing
|
||
itself, and therefore you can find that we have been using log4j v2.13.3 release
|
||
in our latest LTS releases Camel 3.7.6, 3.11.4.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-13T00:00:00'
|
||
- vendor: Apache
|
||
product: Camel Quarkus
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://camel.apache.org/blog/2021/12/log4j2/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-13T00:00:00'
|
||
- vendor: Apache
|
||
product: Camel K
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://camel.apache.org/blog/2021/12/log4j2/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-13T00:00:00'
|
||
- vendor: Apache
|
||
product: CamelKafka Connector
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://camel.apache.org/blog/2021/12/log4j2/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-13T00:00:00'
|
||
- vendor: Apache
|
||
product: Camel Karaf
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://camel.apache.org/blog/2021/12/log4j2/
|
||
notes: The Karaf team is aware of this and are working on a new Karaf 4.3.4 release
|
||
with updated log4j.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-13T00:00:00'
|
||
- vendor: Apache
|
||
product: Camel JBang
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- <=3.1.4
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://camel.apache.org/blog/2021/12/log4j2/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-13T00:00:00'
|
||
- vendor: Apache
|
||
product: Camel 2
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://camel.apache.org/blog/2021/12/log4j2/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-13T00:00:00'
|
||
- vendor: Apache
|
||
product: Druid
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- < druid 0.22.0
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.com/apache/druid/releases/tag/druid-0.22.1
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-12T00:00:00'
|
||
- vendor: Apache
|
||
product: Flink
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- < 1.14.2
|
||
- 1.13.5
|
||
- 1.12.7
|
||
- 1.11.6
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://flink.apache.org/2021/12/10/log4j-cve.html
|
||
notes: 'To clarify and avoid confusion: The 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5
|
||
releases, which were supposed to only contain a Log4j upgrade to 2.15.0, were
|
||
skipped because CVE-2021-45046 was discovered during the release publication.
|
||
The new 1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade
|
||
for Log4j to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046.'
|
||
references:
|
||
- '[https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html](https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html)'
|
||
last_updated: '2021-12-12T00:00:00'
|
||
- vendor: Apache
|
||
product: Kafka
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://kafka.apache.org/cve-list
|
||
notes: The current DB lists Apache Kafka as impacted. Apache Kafka uses Log4jv1,
|
||
not v2.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Apache
|
||
product: Kafka
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- Unknown
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://logging.apache.org/log4j/2.x/security.html
|
||
notes: Only vulnerable in certain configuration(s)
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Apache
|
||
product: Log4j
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- < 2.15.0
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://logging.apache.org/log4j/2.x/security.html
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Apache
|
||
product: Solr
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- 7.4.0 to 7.7.3
|
||
- 8.0.0 to 8.11.0
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
|
||
notes: Update to 8.11.1 or apply fixes as described in Solr security advisory
|
||
references:
|
||
- '[Apache Solr 8.11.1 downloads](https://solr.apache.org/downloads.html)'
|
||
last_updated: '2021-12-16T00:00:00'
|
||
- vendor: Apache
|
||
product: Struts 2
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions:
|
||
- Versions before 2.5.28.1
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://struts.apache.org/announce-2021
|
||
notes: The Apache Struts group is pleased to announce that Struts 2.5.28.1 is
|
||
available as a “General Availability” release. The GA designation is our highest
|
||
quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by
|
||
using the latest Log4j 2.12.2 version (Java 1.7 compatible).
|
||
references:
|
||
- '[Apache Struts Release Downloads](https://struts.apache.org/download.cgi#struts-ga)'
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Apache
|
||
product: Tomcat
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions:
|
||
- 9.0.x
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://tomcat.apache.org/security-9.html
|
||
notes: Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications
|
||
deployed on Apache Tomcat may have a dependency on log4j. You should seek support
|
||
from the application vendor in this instance. It is possible to configure Apache
|
||
Tomcat 9.0.x to use log4j 2.x for Tomcat's internal logging. This requires explicit
|
||
configuration and the addition of the log4j 2.x library. Anyone who has switched
|
||
Tomcat's internal logging to log4j 2.x is likely to need to address this vulnerability.
|
||
In most cases, disabling the problematic feature will be the simplest solution.
|
||
Exactly how to do that depends on the exact version of log4j 2.x being used.
|
||
Details are provided on the [log4j 2.x security page](https://logging.apache.org/log4j/2.x/security.html)
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Apereo
|
||
product: CAS
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 6.3.x & 6.4.x
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://apereo.github.io/2021/12/11/log4j-vuln/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Apereo
|
||
product: Opencast
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- < 9.10
|
||
- < 10.6
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Application Performance Ltd
|
||
product: DBMarlin
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions:
|
||
- Not Affected
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links: []
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Apigee
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://status.apigee.com/incidents/3cgzb0q2r10p
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Apollo
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.apollographql.com/t/log4j-vulnerability/2214
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Appdynamics
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Appeon
|
||
product: PowerBuilder
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- Appeon PowerBuilder 2017-2021 regardless of product edition
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links: []
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: AppGate
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.appgate.com/blog/appgate-sdp-unaffected-by-log4j-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Appian
|
||
product: Appian Platform
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- All
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.appian.com/support/w/kb/2511/kb-2204-information-about-the-log4j2-security-vulnerabilities-cve-2021-44228-cve-2021-45046
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: Application Performance Ltd
|
||
product: DBMarlin
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: APPSHEET
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Aptible
|
||
product: Aptible
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- ElasticSearch 5.x
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: APC by Schneider Electric
|
||
product: Powerchute Business Edition
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- v9.5
|
||
- v10.0.1
|
||
- v10.0.2
|
||
- v10.0.3
|
||
- v10.0.4
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345
|
||
notes: Mitigation instructions to remove the affected class.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: APC by Schneider Electric
|
||
product: Powerchute Network Shutdown
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions:
|
||
- '4.2'
|
||
- '4.3'
|
||
- '4.4'
|
||
- 4.4.1
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345
|
||
notes: Mitigation instructions to remove the affected class.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-15T00:00:00'
|
||
- vendor: Aqua Security
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Arbiter Systems
|
||
product: All
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.arbiter.com/news/index.php?id=4403
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-22T00:00:00'
|
||
- vendor: Arca Noae
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.arcanoae.com/apache-log4j-vulnerability-cve-2021-44228/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Arcserve
|
||
product: Arcserve Backup
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.storagecraft.com/s/article/Log4J-Update
|
||
notes: ''
|
||
references:
|
||
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Arcserve
|
||
product: Arcserve Continuous Availability
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.storagecraft.com/s/article/Log4J-Update
|
||
notes: ''
|
||
references:
|
||
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Arcserve
|
||
product: Arcserve Email Archiving
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.storagecraft.com/s/article/Log4J-Update
|
||
notes: ''
|
||
references:
|
||
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Arcserve
|
||
product: Arcserve UDP
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- 6.5-8.3
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.storagecraft.com/s/article/Log4J-Update
|
||
notes: ''
|
||
references:
|
||
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Arcserve
|
||
product: ShadowProtect
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.storagecraft.com/s/article/Log4J-Update
|
||
notes: ''
|
||
references:
|
||
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Arcserve
|
||
product: ShadowXafe
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.storagecraft.com/s/article/Log4J-Update
|
||
notes: ''
|
||
references:
|
||
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Arcserve
|
||
product: Solo
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.storagecraft.com/s/article/Log4J-Update
|
||
notes: ''
|
||
references:
|
||
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Arcserve
|
||
product: StorageCraft OneXafe
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.storagecraft.com/s/article/Log4J-Update
|
||
notes: ''
|
||
references:
|
||
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: ArcticWolf
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://arcticwolf.com/resources/blog/log4j
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Arduino
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Ariba
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://connectsupport.ariba.com/sites#announcements-display&/Event/908469
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Arista
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Aruba Networks
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://asp.arubanetworks.com/notifications/Tm90aWZpY2F0aW9uOjEwMTQ0;notificationCategory=Security
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Ataccama
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.ataccama.com/files/log4j2-vulnerability-cve-2021-44228-fix.pdf
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Atera
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.reddit.com/r/atera/comments/rh7xb1/apache_log4j_2_security_advisory_update/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Atlassian
|
||
product: Bamboo Server & Data Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
|
||
notes: This product may be affected by a related but lower severity vulnerability
|
||
if running in a specific non-default configuration.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Atlassian
|
||
product: Bitbucket Server & Data Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- All
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
|
||
notes: This product is not vulnerable to remote code execution but may leak information
|
||
due to the bundled Elasticsearch component being vulnerable.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Atlassian
|
||
product: Confluence Server & Data Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
|
||
notes: This product may be affected by a related but lower severity vulnerability
|
||
if running in a specific non-default configuration.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Atlassian
|
||
product: Crowd Server & Data Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
|
||
notes: This product may be affected by a related but lower severity vulnerability
|
||
if running in a specific non-default configuration.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Atlassian
|
||
product: Crucible
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
|
||
notes: This product may be affected by a related but lower severity vulnerability
|
||
if running in a specific non-default configuration.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Atlassian
|
||
product: Fisheye
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
|
||
notes: This product may be affected by a related but lower severity vulnerability
|
||
if running in a specific non-default configuration.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Atlassian
|
||
product: Jira Server & Data Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions:
|
||
- All
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
|
||
notes: This product may be affected by a related but lower severity vulnerability
|
||
if running in a specific non-default configuration.
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Attivo networks
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AudioCodes
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://services.audiocodes.com/app/answers/kbdetail/a_id/2225
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Autodesk
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html
|
||
notes: Autodesk is continuing to perform a thorough investigation in relation
|
||
to the recently discovered Apache Log4j security vulnerabilities. We continue
|
||
to implement several mitigating factors for our products including patching,
|
||
network firewall blocks, and updated detection signatures to reduce the threat
|
||
of this vulnerability and enhance our ability to quickly respond to potential
|
||
malicious activity. We have not identified any compromised systems in the Autodesk
|
||
environment due to this vulnerability, at this time. This is an ongoing investigation
|
||
and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview).
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-21T00:00:00'
|
||
- vendor: Automox
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://blog.automox.com/log4j-critical-vulnerability-scores-a-10
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Autopsy
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.autopsy.com/autopsy-and-log4j-vulnerability/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Auvik
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://status.auvik.com/incidents/58bfngkz69mj
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Avantra SYSLINK
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Analytics
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '3.5'
|
||
- '3.6'
|
||
- 3.6.1
|
||
- '3.7'
|
||
- '4'
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura for OneCloud Private
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: Avaya is scanning and monitoring its OneCloud Private environments as part
|
||
of its management activities. Avaya will continue to monitor this fluid situation
|
||
and remediations will be made as patches become available, in accordance with
|
||
appropriate change processes.
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® Application Enablement Services
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 8.1.3.2
|
||
- 8.1.3.3
|
||
- '10.1'
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- '[PSN020551u](https://download.avaya.com/css/public/documents/101079386)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® Contact Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 7.0.2
|
||
- 7.0.3
|
||
- '7.1'
|
||
- 7.1.1
|
||
- 7.1.2
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® Device Services
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '8'
|
||
- '8.1'
|
||
- 8.1.4
|
||
- 8.1.5
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® Media Server
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 8.0.0
|
||
- 8.0.1
|
||
- 8.0.2
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- '[PSN020549u](https://download.avaya.com/css/secure/documents/101079316)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® Presence Services
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '10.1'
|
||
- 7.1.2
|
||
- '8'
|
||
- 8.0.1
|
||
- 8.0.2
|
||
- '8.1'
|
||
- 8.1.1
|
||
- 8.1.2
|
||
- 8.1.3
|
||
- 8.1.4
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® Session Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '10.1'
|
||
- 7.1.3
|
||
- '8'
|
||
- 8.0.1
|
||
- '8.1'
|
||
- 8.1.1
|
||
- 8.1.2
|
||
- 8.1.3
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- '[PSN020550u](https://download.avaya.com/css/public/documents/101079384)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® System Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '10.1'
|
||
- 8.1.3
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- '[PSN005565u](https://download.avaya.com/css/secure/documents/101079390)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® Web Gateway
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 3.11[P]
|
||
- 3.8.1[P]
|
||
- 3.8[P]
|
||
- 3.9.1 [P]
|
||
- 3.9[P]
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Breeze™
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '3.7'
|
||
- '3.8'
|
||
- 3.8.1
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Contact Center Select
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 7.0.2
|
||
- 7.0.3
|
||
- '7.1'
|
||
- 7.1.1
|
||
- 7.1.2
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya CRM Connector - Connected Desktop
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '2.2'
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Device Enablement Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 3.1.22
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Meetings
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 9.1.10
|
||
- 9.1.11
|
||
- 9.1.12
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya one cloud private -UCaaS - Mid Market Aura
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '1'
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya OneCloud-Private
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '2'
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Session Border Controller for Enterprise
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 8.0.1
|
||
- '8.1'
|
||
- 8.1.1
|
||
- 8.1.2
|
||
- 8.1.3
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- '[PSN020554u](https://download.avaya.com/css/public/documents/101079394)'
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Social Media Hub
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Workforce Engagement
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '5.3'
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Business Rules Engine
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '3.4'
|
||
- '3.5'
|
||
- '3.6'
|
||
- '3.7'
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Callback Assist
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '5'
|
||
- 5.0.1
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Control Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 9.0.2
|
||
- 9.0.2.1
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Device Enrollment Service
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- '3.1'
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Equinox™ Conferencing
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 9.1.2
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Interaction Center
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 7.3.9
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: IP Office™ Platform
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 11.0.4
|
||
- '11.1'
|
||
- 11.1.1
|
||
- 11.1.2
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Proactive Outreach Manager
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 3.1.2
|
||
- 3.1.3
|
||
- '4'
|
||
- 4.0.1
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: Avaya
|
||
product: Avaya Aura® Device Services
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: true
|
||
affected_versions:
|
||
- 8.0.1
|
||
- 8.0.2
|
||
- 8.1.3
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2021-12-14T00:00:00'
|
||
- vendor: AVEPOINT
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.avepoint.com/company/java-zero-day-vulnerability-notification
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AVM
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AvTech RoomAlert
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://avtech.com/articles/23124/java-exploit-room-alert-link/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AWS New
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AXON
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://my.axon.com/s/trust/response-to-log4j2-vuln?language=en_US
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: AXS Guard
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
- vendor: Axways Applications
|
||
product: ''
|
||
cves:
|
||
cve-2021-4104:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-44228:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45046:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
cve-2021-45105:
|
||
investigated: false
|
||
affected_versions: []
|
||
fixed_versions: []
|
||
unaffected_versions: []
|
||
vendor_links:
|
||
- https://support.axway.com/news/1331/lang/en
|
||
notes: ''
|
||
references:
|
||
- ''
|
||
last_updated: '2022-01-12T07:18:50+00:00'
|
||
...
|