1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-09 18:37:55 +00:00
log4j-affected-db/data/cisagov_A.yml
2022-01-24 22:27:28 +00:00

5057 lines
145 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
version: '1.0'
owners:
- name: cisagov
url: https://github.com/cisagov/log4j-affected-db
software:
- vendor: ABB
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://search.abb.com/library/Download.aspx?DocumentID=9ADB012621&LanguageCode=en&DocumentPartId=&Action=Launch
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: ABB Remote Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ABB Remote Platform (RAP)
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: AlarmInsight Cloud
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- AlarmInsight KPI Dashboards 1.0.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ABB
product: B&R Products
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- See Vendor Advisory
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Abbott
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.abbott.com/policies/cybersecurity/apache-Log4j.html
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Abnormal Security
product: Abnormal Security
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://abnormalsecurity.com/blog/attackers-use-email-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellence
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.accellence.de/en/articles/national-vulnerability-database-62
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Accellion
product: Kiteworks
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v7.6 release
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/
notes: '"As a precaution, Kiteworks released a 7.6.1 Hotfix software update to
address the vulnerability. This patch release adds the mitigation for CVE-2021-44228
contained in the Solr package as recommended by Apache Solr group. Specifically,
it updates the Log4j library to a non-vulnerable version on CentOS 7 systems
as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true”
to disable the possible attack vector on both CentOS 6 and CentOS 7."'
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Acquia
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Acronis
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://security-advisory.acronis.com/advisories/SEC-3859
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ActiveState
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.activestate.com/blog/activestate-statement-java-log4j-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adaptec
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://ask.adaptec.com/app/answers/detail/a_id/17523/kw/log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Addigy
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://addigy.com/blog/addigy-and-apaches-log4j2-cve-2021-44228-status/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adeptia
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Adobe ColdFusion
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: ADP
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: Active MFT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Advanced Systems Concepts (formally Jscape)
product: MFT Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.advsyscon.com/hc/en-us/articles/4413631831569
notes: This advisory is available to customers only and has not been reviewed
by CISA
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: AFAS Software
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.afas.nl/vraagantwoord/NL/SE/120439.htm
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANcart
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANmobile
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANServer
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANsuite
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANupdate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AFHCAN Global LLC
product: AFHCANweb
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 8.0.7 - 8.4.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://afhcan.org/support.aspx
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Agilysys
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Akamai
product: SIEM Splunk Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://splunkbase.splunk.com/app/4310/
notes: v1.4.11 is the new recommendation for mitigation of log4j vulnerabilities
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Alcatel
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://dokuwiki.alu4u.com/doku.php?id=log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alertus
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alexion
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://alexion.nl/blog/alexion-crm-niet-vatbaar-voor-log4shell
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alfresco
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://hub.alfresco.com/t5/alfresco-content-services-blog/cve-2021-44228-related-to-apache-log4j-security-advisory/ba-p/310717
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AlienVault
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://success.alienvault.com/s/article/are-USM-Anywhere-or-USM-Central-vulnerable-to-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Alphatron Medical
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.alphatronmedical.com/home.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Athena
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Linux 1
- '2'
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: 'Notes: Amazon Linux 1 had aws apitools which were Java based but these
were deprecated in 2015 [AWS Forum](https://forums.aws.amazon.com/thread.jspa?threadID=323611).
AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2
and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2'
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: AWS API Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-20T00:00:00'
- vendor: Amazon
product: AWS CloudHSM
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 3.4.1.
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS Connect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Vendors recommend evaluating components of the environment outside of the
Amazon Connect service boundary, which may require separate/additional customer
mitigation
references:
- ''
last_updated: '2021-12-23T00:00:00'
- vendor: Amazon
product: AWS DynamoDB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS EKS, ECS, Fargate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Unknown
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: To help mitigate the impact of the open-source Apache “Log4j2" utility
(CVE-2021-44228 and CVE-2021-45046) security issues on customers containers,
Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch).
This hot-patch will require customer opt-in to use, and disables JNDI lookups
from the Log4J2 library in customers containers. These updates are available
as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes
users on AWS, and will be in supported AWS Fargate platform versions
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS ElastiCache
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS ELB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-16T00:00:00'
- vendor: Amazon
product: AWS Inspector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS Kinesis Data Stream
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Unknown
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: We are actively patching all sub-systems that use Log4j2 by applying updates.
The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library
(KPL) are not impacted. For customers using KCL 1.x, we have released an updated
version and we strongly recommend that all KCL version 1.x customers upgrade
to KCL version 1.14.5 (or higher)
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS Lambda
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Unknown
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS Lambda
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Unknown
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: AWS RDS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified
in CVE-2021-44228
references:
- ''
last_updated: '2021-12-17T00:00:00'
- vendor: Amazon
product: AWS S3
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS SNS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: Amazon SNS systems that serve customer traffic are patched against the
Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate
separately from SNSs systems that serve customer traffic
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Amazon
product: AWS SQS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- Unknown
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: CloudFront
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: CloudWatch
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: EC2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- Amazon Linux 1 & 2
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Amazon
product: ELB
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: KMS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: OpenSearch
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Unknown
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-005/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: RDS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Route 53
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: S3
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: Translate
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/translate/
notes: Service not identified on [AWS Log4j Security Bulletin](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/)
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Amazon
product: VPC
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AMD
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034
notes: Currently, no AMD products have been identified as affected. AMD is continuing
its analysis.
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Anaconda
product: Anaconda
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 4.10.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.conda.io/projects/conda/en/latest/index.html
notes: ''
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: ActiveMQ Artemis
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://activemq.apache.org/news/cve-2021-44228
notes: ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17
is included in the Hawtio-based web console application archive (i.e. [web/console.war/WEB-INF/lib](web/console.war/WEB-INF/lib)).
Although this version of Log4j is not impacted by CVE-2021-44228 future versions
of Artemis will be updated so that the Log4j jar is no longer included in the
web console application archive. See [ARTEMIS-3612](https://issues.apache.org/jira/browse/ARTEMIS-3612)
for more information on that task.
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: Airflow
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/apache/airflow/tree/main/airflow
notes: Airflow is written in Python
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Camel
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.14.1.3.11.5
- 3.7.7
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: Apache Camel does not directly depend on Log4j 2, so we are not affected
by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own
applications, make sure to upgrade.Apache Camel does use log4j during testing
itself, and therefore you can find that we have been using log4j v2.13.3 release
in our latest LTS releases Camel 3.7.6, 3.11.4.
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel 2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel JBang
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- <=3.1.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel K
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel Karaf
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: The Karaf team is aware of this and are working on a new Karaf 4.3.4 release
with updated log4j.
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Camel Quarkus
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: CamelKafka Connector
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://camel.apache.org/blog/2021/12/log4j2/
notes: ''
references:
- ''
last_updated: '2021-12-13T00:00:00'
- vendor: Apache
product: Druid
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < druid 0.22.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/apache/druid/releases/tag/druid-0.22.1
notes: ''
references:
- ''
last_updated: '2021-12-12T00:00:00'
- vendor: Apache
product: Flink
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- < 1.14.2
- 1.13.5
- 1.12.7
- 1.11.6
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://flink.apache.org/2021/12/10/log4j-cve.html
notes: 'To clarify and avoid confusion: The 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5
releases, which were supposed to only contain a Log4j upgrade to 2.15.0, were
skipped because CVE-2021-45046 was discovered during the release publication.
The new 1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade
for Log4j to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046.'
references:
- '[https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html](https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html)'
last_updated: '2021-12-12T00:00:00'
- vendor: Apache
product: Kafka
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://kafka.apache.org/cve-list
notes: The current DB lists Apache Kafka as impacted. Apache Kafka uses Log4jv1,
not v2.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Apache
product: Kafka
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Unknown
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logging.apache.org/log4j/2.x/security.html
notes: Only vulnerable in certain configuration(s)
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Log4j
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 2.15.0
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://logging.apache.org/log4j/2.x/security.html
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apache
product: Solr
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- 7.4.0 to 7.7.3
- 8.0.0 to 8.11.0
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228
notes: Update to 8.11.1 or apply fixes as described in Solr security advisory
references:
- '[Apache Solr 8.11.1 downloads](https://solr.apache.org/downloads.html)'
last_updated: '2021-12-16T00:00:00'
- vendor: Apache
product: Struts 2
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- Versions before 2.5.28.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://struts.apache.org/announce-2021
notes: The Apache Struts group is pleased to announce that Struts 2.5.28.1 is
available as a “General Availability” release. The GA designation is our highest
quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by
using the latest Log4j 2.12.2 version (Java 1.7 compatible).
references:
- '[Apache Struts Release Downloads](https://struts.apache.org/download.cgi#struts-ga)'
last_updated: '2021-12-21T00:00:00'
- vendor: Apache
product: Tomcat
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- 9.0.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://tomcat.apache.org/security-9.html
notes: Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications
deployed on Apache Tomcat may have a dependency on log4j. You should seek support
from the application vendor in this instance. It is possible to configure Apache
Tomcat 9.0.x to use log4j 2.x for Tomcat's internal logging. This requires explicit
configuration and the addition of the log4j 2.x library. Anyone who has switched
Tomcat's internal logging to log4j 2.x is likely to need to address this vulnerability.
In most cases, disabling the problematic feature will be the simplest solution.
Exactly how to do that depends on the exact version of log4j 2.x being used.
Details are provided on the [log4j 2.x security page](https://logging.apache.org/log4j/2.x/security.html)
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: APC by Schneider Electric
product: Powerchute Business Edition
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- v9.5
- v10.0.1
- v10.0.2
- v10.0.3
- v10.0.4
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345
notes: Mitigation instructions to remove the affected class.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: APC by Schneider Electric
product: Powerchute Network Shutdown
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- '4.2'
- '4.3'
- '4.4'
- 4.4.1
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345
notes: Mitigation instructions to remove the affected class.
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Apereo
product: CAS
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 6.3.x & 6.4.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://apereo.github.io/2021/12/11/log4j-vuln/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apereo
product: Opencast
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- < 9.10
- < 10.6
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apigee
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.apigee.com/incidents/3cgzb0q2r10p
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Apollo
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.apollographql.com/t/log4j-vulnerability/2214
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appdynamics
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appeon
product: PowerBuilder
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- Appeon PowerBuilder 2017-2021 regardless of product edition
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: AppGate
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.appgate.com/blog/appgate-sdp-unaffected-by-log4j-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Appian
product: Appian Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions:
- All
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.appian.com/support/w/kb/2511/kb-2204-information-about-the-log4j2-security-vulnerabilities-cve-2021-44228-cve-2021-45046
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: Application Performance Ltd
product: DBMarlin
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions:
- Not Affected
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links: []
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: Application Performance Ltd
product: DBMarlin
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428
notes: ''
references:
- ''
last_updated: '2021-12-15T00:00:00'
- vendor: APPSHEET
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aptible
product: Aptible
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- ElasticSearch 5.x
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aqua Security
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arbiter Systems
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arbiter.com/news/index.php?id=4403
notes: ''
references:
- ''
last_updated: '2021-12-22T00:00:00'
- vendor: ARC Informatique
product: All
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1141-security-bulletin-2021-1
notes: ''
references:
- ''
last_updated: '2022-01-13T00:00:00'
- vendor: Arca Noae
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arcanoae.com/apache-log4j-vulnerability-cve-2021-44228/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arcserve
product: Arcserve Backup
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve Continuous Availability
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve Email Archiving
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Arcserve UDP
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- 6.5-8.3
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: ShadowProtect
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: ShadowXafe
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: Solo
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: Arcserve
product: StorageCraft OneXafe
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.storagecraft.com/s/article/Log4J-Update
notes: ''
references:
- '[https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US)'
last_updated: '2021-12-14T00:00:00'
- vendor: ArcticWolf
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://arcticwolf.com/resources/blog/log4j
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arduino
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ariba
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://connectsupport.ariba.com/sites#announcements-display&/Event/908469
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Arista
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Aruba Networks
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://asp.arubanetworks.com/notifications/Tm90aWZpY2F0aW9uOjEwMTQ0;notificationCategory=Security
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Ataccama
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.ataccama.com/files/log4j2-vulnerability-cve-2021-44228-fix.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atera
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.reddit.com/r/atera/comments/rh7xb1/apache_log4j_2_security_advisory_update/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Bamboo Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Bitbucket Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- All
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product is not vulnerable to remote code execution but may leak information
due to the bundled Elasticsearch component being vulnerable.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Confluence Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Crowd Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Crucible
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Fisheye
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atlassian
product: Jira Server & Data Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
notes: This product may be affected by a related but lower severity vulnerability
if running in a specific non-default configuration.
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Attivo networks
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Atvise
product: All
cves:
cve-2021-4104:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions: []
fixed_versions: []
unaffected_versions:
- All
cve-2021-45046:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: ''
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen
notes: The security vulnerability does NOT affect our applications and products
or pose any threat. This applies to all Bachmann applications and products,
including atvise solutions.
references:
- ''
last_updated: '2022-01-17T00:00:00'
- vendor: AudioCodes
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://services.audiocodes.com/app/answers/kbdetail/a_id/2225
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Autodesk
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html
notes: Autodesk is continuing to perform a thorough investigation in relation
to the recently discovered Apache Log4j security vulnerabilities. We continue
to implement several mitigating factors for our products including patching,
network firewall blocks, and updated detection signatures to reduce the threat
of this vulnerability and enhance our ability to quickly respond to potential
malicious activity. We have not identified any compromised systems in the Autodesk
environment due to this vulnerability, at this time. This is an ongoing investigation
and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview).
references:
- ''
last_updated: '2021-12-21T00:00:00'
- vendor: Automox
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://blog.automox.com/log4j-critical-vulnerability-scores-a-10
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Autopsy
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.autopsy.com/autopsy-and-log4j-vulnerability/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Auvik
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://status.auvik.com/incidents/58bfngkz69mj
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Avantra SYSLINK
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Avaya
product: Avaya Analytics
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.5'
- '3.6'
- 3.6.1
- '3.7'
- '4'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura for OneCloud Private
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: Avaya is scanning and monitoring its OneCloud Private environments as part
of its management activities. Avaya will continue to monitor this fluid situation
and remediations will be made as patches become available, in accordance with
appropriate change processes.
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® Application Enablement Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 8.1.3.2
- 8.1.3.3
- '10.1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020551u](https://download.avaya.com/css/public/documents/101079386)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® Contact Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.0.2
- 7.0.3
- '7.1'
- 7.1.1
- 7.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® Device Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '8'
- '8.1'
- 8.1.4
- 8.1.5
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® Device Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 8.0.1
- 8.0.2
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® Media Server
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 8.0.0
- 8.0.1
- 8.0.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020549u](https://download.avaya.com/css/secure/documents/101079316)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® Presence Services
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
- 7.1.2
- '8'
- 8.0.1
- 8.0.2
- '8.1'
- 8.1.1
- 8.1.2
- 8.1.3
- 8.1.4
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® Session Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
- 7.1.3
- '8'
- 8.0.1
- '8.1'
- 8.1.1
- 8.1.2
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020550u](https://download.avaya.com/css/public/documents/101079384)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® System Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '10.1'
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN005565u](https://download.avaya.com/css/secure/documents/101079390)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Aura® Web Gateway
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.11[P]
- 3.8.1[P]
- 3.8[P]
- 3.9.1 [P]
- 3.9[P]
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Breeze™
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.7'
- '3.8'
- 3.8.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Contact Center Select
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.0.2
- 7.0.3
- '7.1'
- 7.1.1
- 7.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya CRM Connector - Connected Desktop
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '2.2'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Device Enablement Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.1.22
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Meetings
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 9.1.10
- 9.1.11
- 9.1.12
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya one cloud private -UCaaS - Mid Market Aura
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya OneCloud-Private
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '2'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Session Border Controller for Enterprise
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 8.0.1
- '8.1'
- 8.1.1
- 8.1.2
- 8.1.3
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- '[PSN020554u](https://download.avaya.com/css/public/documents/101079394)'
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Social Media Hub
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Avaya Workforce Engagement
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '5.3'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Business Rules Engine
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.4'
- '3.5'
- '3.6'
- '3.7'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Callback Assist
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '5'
- 5.0.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Control Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 9.0.2
- 9.0.2.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Device Enrollment Service
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- '3.1'
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Equinox™ Conferencing
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 9.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Interaction Center
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 7.3.9
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: IP Office™ Platform
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 11.0.4
- '11.1'
- 11.1.1
- 11.1.2
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: Avaya
product: Proactive Outreach Manager
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: true
affected_versions:
- 3.1.2
- 3.1.3
- '4'
- 4.0.1
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609
notes: ''
references:
- ''
last_updated: '2021-12-14T00:00:00'
- vendor: AVEPOINT
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.avepoint.com/company/java-zero-day-vulnerability-notification
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AVM
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AvTech RoomAlert
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://avtech.com/articles/23124/java-exploit-room-alert-link/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AWS New
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AXON
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://my.axon.com/s/trust/response-to-log4j2-vuln?language=en_US
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: AXS Guard
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
- vendor: Axways Applications
product: ''
cves:
cve-2021-4104:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-44228:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45046:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
cve-2021-45105:
investigated: false
affected_versions: []
fixed_versions: []
unaffected_versions: []
vendor_links:
- https://support.axway.com/news/1331/lang/en
notes: ''
references:
- ''
last_updated: '2022-01-12T07:18:50+00:00'
...