search menu icon-carat-right cmu-wordmark

CERT Coordination Center

Apache Log4j allows insecure JNDI lookups

Vulnerability Note VU#930724

Original Release Date: 2021-12-15 | Last Revised: 2022-01-18

Overview

Apache Log4j allows insecure JNDI lookups that could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the vulnerable Java application using Log4j.

CISA has published Apache Log4j Vulnerability Guidance and provides a Software List.

Description

The default configuration of Apache Log4j supports JNDI (Java Naming and Directory Interface) lookups that can be exploited to exfiltrate data or execute arbitrary code via remote services such as LDAP, RMI, and DNS.

This vulnerability note includes information about the following related vulnerabilities.

  • CVE-2021-44228 tracks the initial JNDI injection and RCE vulnerability in Log4j 2. This vulnerability poses considerabily more risk than the others.

  • CVE-2021-4104 tracks a very similar vulnerability that affects Log4j 1 if JMSAppender and malicious connections have been configured.

  • CVE-2021-45046 tracks an incomplete fix for CVE-2021-44228 affecting Log4j 2.15.0 when an attacker has "...control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern."

We provide tools to scan for vulnerable jar files.

More information is available from the Apache Log4j Security Vulnerabilities page, including these highlights.

Certain conditions must be met to make Log4j 1.x vulnerable:

Log4j 1.x mitigation: Log4j 1.x does not have Lookups so the risk is lower. Applications using Log4j 1.x are only vulnerable to this attack when they use JNDI in their configuration. A separate CVE (CVE-2021-4104) has been filed for this vulnerability. To mitigate: audit your logging configuration to ensure it has no JMSAppender configured. Log4j 1.x configurations without JMSAppender are not impacted by this vulnerability.

Log4j API code alone is not affected:

Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.

Impact

A remote, unauthenticated attacker with the ability to log specially crafted messages can cause Log4j to connect to a service controlled by the attacker to download and execute arbitrary code.

Solution

In Log4j 2.12.2 (for Java 7) and 2.16.0 (for Java 8 or later) the message lookups feature has been completely removed. In addition, JNDI is disabled by default and other default configuration settings are modified to mitigate CVE-2021-44228 and CVE-2021-45046.

For Log4j 1, remove the JMSAppender class or do not configure it. Log4j 1 is not supported and likely contains unfixed bugs and vulnerabilities (such as CVE-2019-17571).

For applications, services, and systems that use Log4j, consult the appropriate vendor or provider. See the CISA Log4j Software List and the Vendor Information section below.

Workarounds

Remove the JndiLookup class from the classpath, for example:

zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class

As analysis has progressed, certain mitigations have been found to be less effective or incomplete. See "Older (discredited) mitigation measures" on the Apache Log4j Security Vulnerabilities page.

SLF4J also recommends write-protecting Log4j configuration files.

Acknowledgements

Apache credits Chen Zhaojun of Alibaba Cloud Security Team for reporting CVE-2021-44228 and CVE-2021-4104 and Kai Mindermann of iC Consult for CVE-2021-45046.

Much of the content of this vulnerability note is derived from Apache Log4j Security Vulnerabilities and http://slf4j.org/log4shell.html.

This document was written by Art Manion.

Vendor Information

930724
 

ABB Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

Please refer to the list of cyber security advisories on the ABB website: https://global.abb/group/en/technology/cyber-security/alerts-and-notifications

References

Adobe Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

https://helpx.adobe.com/security/products/log4j-2-advisory.html

References

ADTRAN Affected

Notified:  2021-12-12 Updated: 2021-12-22

Statement Date:   December 21, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

ADTRAN has published security advisory ADTSA-2021004 regarding CVE-2021-4104, CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105. Please see the advisory linked in the reference section below for additional details.

References

Amazon Affected

Notified:  2021-12-13 Updated: 2021-12-21

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Apache Commons Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Apache Solr Affected

Notified:  2021-12-17 Updated: 2021-12-22

Statement Date:   December 21, 2021

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Not Affected

Vendor Statement

Apache Solr releases prior to 8.11.1 were using a bundled version of the Apache Log4J library vulnerable to RCE (see CVE-2021-44228). Malicious input from a user-supplied query string (or any other URL request parameter like request handler name) is logged by default with log4j.

Apache Solr releases prior to 7.4 (i.e. Solr 5, Solr 6, and Solr 7 through 7.3) use Log4J 1.2.17 which may be vulnerable for installations using non-default logging configurations that include the JMS Appender (see CVE-2021-4104).

In response to the vulnerabilities, the Apache Solr team released version Solr 8.11.1 that bundles log4j 2.16.0. An update to 2.17.0 (or later) will be done with the next maintenance release as Solr is not vulnerable to CVE-2021-45105 (see below).

Apache Solr releases are not vulnerable to the followup CVE-2021-45046 and CVE-2021-45105, because the MDC patterns used by Solr are for the collection, shard, replica, core and node names, and a potential trace id, which are all sanitized and injected into log files with "%X". Passing system property log4j2.formatMsgNoLookups=true is suitable to mitigate.

Solr's Prometheus Exporter uses Log4J as well but it does not log user input or data, so we don't see a risk there.

References

Apache Spark Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Apache Struts Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Apache Tomcat Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Apereo Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Arista Networks Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Affected
Vendor Statement:
Affected: * Embedded Fabric Analytics module for Converged Cloud Fabric (formerly Big Cloud Fabric) - CCF / BCF earlier than 5.3.0
CVE-2021-44228 Affected
Vendor Statement:
Affected * CloudVision Portal * 2019.1.0 and all later releases (*) * CloudVision Wi-Fi, virtual appliance or physical appliance * 8.8 and all later releases * Analytics Node for DANZ Monitoring Fabric (formerly Big Monitoring Fabric) * DMF (BMF) 7.0.0 and later (*) * Analytics Node for Converged Cloud Fabric (formerly Big Cloud Fabric) * Analytics Node 7.0.0 and later (*) * Embedded Fabric Analytics module for Converged Cloud Fabric (formerly Big Cloud Fabric) * CCF (BCF) 5.3.0 and later (*) (*) The affected products use Log4j indirectly through Elasticsearch and/or Logstash. Based on Arista’s analysis of the use of these modules and information provided by Elastic, we believe there is no vulnerability of Remote Code Execution. There is a possibility of Information Leak and/or Denial-of-Service and we recommend the mitigations be implemented. Not Affected * Arista EOS-based products * CloudVision physical appliance * Arista 7130 Systems running MOS * Awake Security Platform * Arista Wireless Access Points * Other Components of Converged Cloud Fabric and DANZ Monitoring Fabric * DMF: Controller, Service Node, Recorder Node * Switchlight OS * Multi-Cloud Director
CVE-2021-45046 Not Affected

References

Aruba Networks Affected

Notified:  2021-12-13 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

Aruba has issued a security advisory regarding our status in regards to CVE-2021-44228. It can be found at the case reference below. Most of our products are unaffected, but Silver Peak Orchestrator is affected in some configurations. See the advisory for more detail.

References

Atlassian Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
This affects the following non-default, unsupported configurations: - The JMS Appender is configured in the application's Log4j configuration - The javax.jms API is included in the application's CLASSPATH - An attacker configures the JMS Appender with a malicious JNDI lookup - One of the following Atlassian products is being used: * Bamboo Server and Data Center * Confluence Server and Data Center * Crowd Server and Data Center * Fisheye / Crucible * Jira Service Management Server and Data Center * Jira Software Server and Data Center (including Jira Core)
CVE-2021-44228 Affected
Vendor Statement:
Bitbucket Server and Data Center are vulnerable to CVE-2021-44228. Systems are vulnerable when configured to use the version of Elasticsearch bundled with Bitbucket Server and Data Center.
CVE-2021-45046 Not Affected
Vendor Statement:
Atlassian on-premises products are not vulnerable to CVE-2021-45046.

Baidu Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

beyondtrust Affected

Notified:  2021-12-13 Updated: 2021-12-22

Statement Date:   December 22, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

BMC Software Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

BOSCH Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

Broadcom Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Brocade Communication Systems Affected

Notified:  2021-12-13 Updated: 2021-12-22

Statement Date:   December 22, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Not Affected

Vendor Statement

Brocade has investigated its product line to determine the exposure of Brocade Fibre Channel products from Broadcom. Brocade continues to monitor all sources of information related to these vulnerabilities. Brocade Security Advisory is at: https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1651

Caelo NELSON Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Cisco Affected

Notified:  2021-12-13 Updated: 2021-12-15

Statement Date:   December 10, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Citrix Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Commvault Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

cPanel Inc. Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Cradlepoint Affected

Notified:  2021-12-13 Updated: 2022-01-12

Statement Date:   January 12, 2022

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/

NetCloud OS (NCOS) does not use java, thus, Cradlepoint devices are unaffected by the Log4J vulnerabilities.

The Cradlepoint incident response team investigated, identified and patched vulnerable versions of Log4J in its cloud services, NetCloud Manager (NCM) and NetCloud Perimeter, as patches became available.

CVSNT Affected

Notified:  2021-12-13 Updated: 2021-12-18

Statement Date:   December 18, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

No products are affected. Customers are NOT affected. There is an impact on some of our web services (eg: customer downloads). Mitigations for CVE-2021-44228 have been applied as of December 14, 2021. Revised mitigations for CVE-2021-44228 and also mitigations for CVE-2021-45046 have been applied as of December 18, 2021.

Debian GNU/Linux Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Dell Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Dell EMC Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Elastic logstash Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Environmental Systems Research Institute Inc Affected

Notified:  2021-12-13 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Exim Affected

Notified:  2021-12-13 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Forcepoint Affected

Notified:  2021-12-13 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

ForeScout Affected

Notified:  2021-12-13 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Fortinet Affected

Notified:  2021-12-13 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

F-Secure Corporation Affected

Notified:  2021-12-13 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Fujitsu Affected

Notified:  2021-12-13 Updated: 2022-01-18

Statement Date:   January 14, 2022

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

Fujitsu is aware of the security vulnerabilities in software Apache log4j ("Log4Shell").

Affected products are Fujitsu Software ServerView Suite (SVS) and Fujitsu SecDocs. Updates are available.

The Fujitsu PSIRT has issued Fujitsu PSS-IS-2021-121000 on https://security.ts.fujitsu.com (Security Notices) accordingly.

In case of questions regarding this Fujitsu PSIRT Security Notice, please contact the Fujitsu PSIRT (Fujitsu-PSIRT@ts.fujitsu.com).

References

GitHub Affected

Notified:  2021-12-13 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Google Affected

Notified:  2021-12-13 Updated: 2022-01-13

Statement Date:   January 13, 2022

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

Google Cloud is actively following the security vulnerabilities in the open-source Apache “Log4j 2" utility (CVE-2021-44228 and CVE-2021-45046). We are also aware of the reported Apache “Log4j 1.x” vulnerability (CVE-2021-4104). We encourage customers to update to the latest version of Log4j 2. We are currently assessing the potential impact of the vulnerability for Google Cloud products and services. This is an ongoing event and we will continue to provide updates through this page (https://cloud.google.com/log4j2-security-advisory) and our customer communications channels.

Based on our findings, Google Workspace core services for consumer and paid users are not using Log4j 2 and are not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. See below for a detailed status of the Workspace core services and other related products.

We recommend Google customers review all third-party apps and solutions accessing their data and validate the security status of those apps with their respective vendors. More details on managing apps authorized to access Google Workspace data are here and customers can review their list of solutions from the Google Cloud Marketplace by logging into their account. We also recommend validating the security status of any apps developed and deployed by customers within their environments.

References

GrayLog Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Hitachi Affected

Notified:  2021-12-13 Updated: 2022-01-04

Statement Date:   January 04, 2022

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

HIRT-PUB21001 : Apache Log4j Vulnerability https://www.hitachi.com/hirt/publications/hirt-pub21001

References

Hitachi Energy Affected

Notified:  2021-12-13 Updated: 2021-12-20

Statement Date:   December 18, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

For published advisories related to the Apache Log4j, please refer to https://www.hitachienergy.com/cybersecurity/alerts-and-notifications

Our cybersecurity notification on Apache Log4j vulnerabilities can be found here: https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

References

Hostifi Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

HP Inc. Affected

Notified:  2021-12-13 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Huawei Affected

Notified:  2021-12-13 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

IBM Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

Multiple products affected. See https://www.ibm.com/blogs/psirt/ for information on IBM products.

Imperva Inc. Affected

Notified:  2021-12-14 Updated: 2022-01-04

Statement Date:   December 29, 2021

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

Imperva Threat Research is continuing to monitor, create, test and deploy CVE-specific security rules based on new attack variants for all of our customers. We will keep all our customers notified as this progresses.

We continue to scan and patch vulnerabilities in our products and infrastructure as these CVEs are posted.

References

Intel Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

Our security teams are aware of this issue and are in the process of investigating the impact of the Apache log4j security vulnerability on Intel products/software. As with all security vulnerability, this is being treated as a high priority within Intel and Intel will provide our customers with updates as our investigation progresses.

Ivanti Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

JAMF software Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Jenkins Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

JetBrains Affected

Notified:  2021-12-20 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Jitsi Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

kafka Apache Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

KPN-CERT Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

Pretty much everyone worldwide is affected by this, and coordinating large-scale response efforts in determining where vulnerable log4j instances are present.

Lucent Sky Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

McAfee Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

Public KB published and being updated - https://kc.mcafee.com/agent/index?page=content&id=KB95091 Includes coverage from our protection products and a link to the registered security bulletin with details on the impact to our products.

Metabase Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Microsoft Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 15, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

Microsoft's guidance for CVE-2021-44228 can be found at https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ and will be updated as more information becomes available.

References

Minecraft Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

N-able Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

National Instruments (NI) Affected

Notified:  2021-12-14 Updated: 2021-12-24

Statement Date:   December 23, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Not Affected

Vendor Statement

The impact to NI products is described in the security advisory at https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html This security advisory will be updated as new information is available.

Questions regarding this advisory can be directed to NI's PSIRT (product-security@ni.com). Additional security information is available at https://ni.com/security.

References

NetApp Affected

Notified:  2021-12-14 Updated: 2021-12-22

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

NetEase Games Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Netflix Inc. Affected

Notified:  2021-12-14 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Newrelic Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

NVIDIA Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
Vendor Statement:
NVIDIA Security Notice/Response link: https://nvidia.custhelp.com/app/answers/detail/a_id/5294
CVE-2021-45046 Unknown

Vendor Statement

Security Notice: NVIDIA Response to Log4j Vulnerability (CVE-2021-44228) - December 2021

References

openHAB Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

OpenMRS Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

OpenNMS Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

OpenSearch Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Oracle Corporation Affected

Notified:  2021-12-14 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

PagerDuty Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Palo Alto Networks Affected

Notified:  2021-12-14 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

PaperCut Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Real-Time Innovations (RTI) Affected

Notified:  2021-12-14 Updated: 2021-12-22

Statement Date:   December 22, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
RTI products using Log4j 1.x do not use JMSAppender
CVE-2021-44228 Affected
Vendor Statement:
RTI Micro Application Generator is affected in versions 1.0.0 and 1.0.1
CVE-2021-45046 Affected
Vendor Statement:
RTI Micro Application Generator is affected in versions 1.0.0 and 1.0.1

Red Hat Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

Please consult with our published Red Hat Security Bulletin RHSB-2021-009 for list of affected products, updates, and mitigation options related to this CVE.

References

Redis Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

Redis Enterprise Cloud, Enterprise Software and Open Source Redis is not vulnerable.

However, Redis Java Clients - Jedis is vulnerable.

Jedis is a Redis sponsored Java client. It uses the affected library in test suites only. A new Jedis release is now available that mitigates the vulnerability. End users are advised to evaluate their exposure to determine upgrade urgency.

https://redis.com/security/notice-apache-log4j2-cve-2021-44228/

Rockwell Automation Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Not Affected

Vendor Statement

Our updated disclosure article is below

References

RSA Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

salesforce.com Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://help.salesforce.com/s/articleView?id=000363736&type=1

SAP SE Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://layersevensecurity.com/securing-sap-systems-from-log4j-exploits/#:~:text=Log4J%20is%20included%20in%20multiple%20SAP%20applications%20including,official%20response%20for%20details%20of%20all%20impacted%20products.

SAS Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

Security Onion Solutions Affected

Notified:  2021-12-21 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

On 2021/12/10, Security Onion Solutions released an initial hotfix to address log4j.

On 2021/12/13, Security Onion Solutions released a second hotfix to address log4j.

On 2021/12/21, Security Onion Solutions released Security Onion 2.3.91 which updates Log4j to 2.17.0.

References

CERT Addendum

https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html

Sendmail Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

Please see URL for the full table for the details on individual Proofpoint products. Open source sendmail is covered separately by the "Sendmail Consortium" vendor in the CERT vulnerability note.

References

ServiceNow Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://support.servicenow.com/now?id=ns_search&q=log4j&s=true&pp=kb_article_view

https://community.servicenow.com/community?id=community_article&sys_id=26ccd67cdb2c0590b5d6e6be1396198f

Siemens Affected

Notified:  2021-12-14 Updated: 2021-12-20

Statement Date:   December 18, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

The impact to Siemens products is described in the Security Advisory SSA-661247, published on the Siemens ProductCERT page (https://www.siemens.com/cert/advisories).

In case of questions regarding this Security Advisory, please contact Siemens ProductCERT (productcert@siemens.com).

References

Sierra Wireless Affected

Notified:  2021-12-14 Updated: 2022-01-18

Statement Date:   January 14, 2022

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
Vendor Statement:
See our security bulletin for details and subscribe to get notifications.
CVE-2021-45046 Not Affected

Software AG Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849

SolarWinds Affected

Notified:  2021-12-14 Updated: 2021-12-18

Statement Date:   December 18, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
SolarWinds reviewed all product source code and found the following conditions: None of the SolarWinds products are affected by this vulnerability. It’s important to note the Orion Platform core is not affected and does not utilize Apache Log4j.
CVE-2021-44228 Affected
Vendor Statement:
SolarWinds reviewed all code and found the following conditions: The only two SolarWinds products we have identified as affected by this vulnerability are Server & Application Monitor (SAM) and Database Performance Analyzer (DPA). We have not identified any other SolarWinds products as affected by this vulnerability. It’s important to note the Orion Platform core is not affected and does not utilize Apache Log4j. Mitigation steps for CVE-2021-44228 vulnerability were made public on December 12, 2021.
CVE-2021-45046 Affected
Vendor Statement:
SolarWinds reviewed all product source code and found the following conditions: The only two SolarWinds products we have identified as affected by this vulnerability are Server & Application Monitor (SAM) and Database Performance Analyzer (DPA). We have not identified any other SolarWinds products as affected by this vulnerability. It’s important to note the Orion Platform core is not affected and does not utilize Apache Log4j. Mitigation Steps for CVE-2021-44228 vulnerability were made public on December 12, 2021. Mitigation Steps were updated with Log4j 2.16 after Apache released the Log4j 2.16 version on December 13, 2021.

References

SonarSource Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721

SonicWall Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032

Sophos Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

sourceforge Affected

Notified:  2021-12-21 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

"Updated POMs for Log4j 2.16.0. Updated Changelog" https://github.com/bpangburn/swingset/commit/80c6a542d166f8fe8232d87595fcad7c4028760d

Splunk Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html

Spring. Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://kb.vmware.com/s/article/87068?lang=en_US

https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot

Supermicro Affected

Notified:  2021-12-14 Updated: 2021-12-22

Statement Date:   December 22, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

SUSE Linux Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Affected
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

SUSE Linux Enterprise products are not affected by this vulnerability. SUSE Manager is not affected. SUSE Rancher is not affected. SUSE NeuVector is not affected. A component of SUSE OpenStack Cloud (storm) includes log4j, but likely not user reachable.

References

Synopsys Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://www.synopsys.com/company/newsroom/log4j2-vulnerability.html

https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228

https://community.synopsys.com/s/article/Finding-Apache-Log4j-Impacted-Projects-in-Black-Duck

Talend Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://jira.talendforge.org/browse/TCOMP-2054

Tencent Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://github.com/YfryTchsGD/Log4jAttackSurface/blob/master/pages/Tencent.md

Tesla Motors Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://teslamotorsclub.com/tmc/threads/security-issue-log4j.249501/

https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html

TIBCO Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

TIBCO continues to work on investigating and identifying mitigations for the Apache Log4J vulnerability (CVE-2021-44228), referred to as the “Log4Shell” vulnerability. TIBCO is providing daily status updates on the investigation and available remediations, located here.

Twitter Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://github.com/YfryTchsGD/Log4jAttackSurface

Ubiquiti Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
Vendor Statement:
A vulnerable third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. This vulnerability is fixed in UniFi Network Version 6.5.54 and later.
CVE-2021-45046 Not Affected

Vendor Statement

A vulnerable third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. This vulnerability is fixed in UniFi Network Version 6.5.54 and later.

References

u-blox Affected

Notified:  2021-12-14 Updated: 2022-01-11

Statement Date:   January 11, 2022

CVE-2021-4104 Not Affected
Vendor Statement:
u-blox is not aware of using Log4j 1.x in any products, services or internal infrastructure.
CVE-2021-44228 Affected
Vendor Statement:
No u-blox products have been affected. Customer-facing services, IT systems and infrastructure have been patched. No action required by u-blox customers.
CVE-2021-45046 Affected
Vendor Statement:
No u-blox products have been affected. Customer-facing services, IT systems and infrastructure have been patched. No action required by u-blox customers.

Ubuntu Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Unify Software and Solutions GmbH and Co. KG Affected

Notified:  2021-12-14 Updated: 2022-01-10

Statement Date:   January 10, 2022

CVE-2021-4104 Unknown
Vendor Statement:
Investigation is ongoing. A separate security advisory will be issued that covers CVE-2021-4104.
CVE-2021-44228 Affected
Vendor Statement:
We started investigation of the CVE
CVE-2021-45046 Unknown
Vendor Statement:
Atos Unify Products are affected. Issue is tracked within the same advisory than CVE-2021-44228

Vendor Statement

Log4j 2 is being used in some of our products. We have issued an advisory for CVE-2021-44228 which can be found here https://networks.unify.com/security/advisories/OBSO-2112-01.pdf.

References

UPMC Enterprises Affected

Notified:  2021-12-14 Updated: 2021-12-20

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

The MyUPMC DevSecOps team has been closely monitoring the developing Log4j situation and have implemented all patches where appropriate.

Valve Software (Steam) Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://steamcommunity.com/discussions/forum/0/3203745634149423223/?ctp=3

https://github.com/YfryTchsGD/Log4jAttackSurface

Veracode Affected

Notified:  2021-12-14 Updated: 2021-12-22

Statement Date:   December 22, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

As of Dec 12, 2021 Veracode is not affected by the Log4j vulnerability. All instances of a vulnerable Log4j in our production and in our on-premise agents, integrations, or virtual appliances has been remediated to Log4j 2.15.0.

As of Dec 22, 2021 Veracode All instances of a vulnerable Log4j in our production and in our on-premise agents, integrations, or virtual appliances has been remediated to Log4j 2.16.0. or 2.17.0

References

Veritas Technologies Affected

Notified:  2021-12-14 Updated: 2021-12-18

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

Some Veritas products are affected, others are not. We're currently doing additional research given that Apache has stated that some previously suggested mitigations only limit exposure and that a new log4j vulnerability was published today (Tuesday) that can result in a denial of service. We'll provide a primary URL once things have settled down. Things are still too fluid.

References

VMware Affected

Notified:  2021-12-14 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Wallarm Affected

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://lab.wallarm.com/cve-2021-44228-mitigation-update/

WebEx Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

Some Webex products are not vulnerable. Please check: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd#vp for information.

Wowza Media Systems Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve

WSO2 Affected

Notified:  2021-12-14 Updated: 2021-12-17

Statement Date:   December 17, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
Vendor Statement:
WSO2 has issued a public statement and an incident clarifications regarding CVE-2021-44228 and CVE-2021-45046 at [https://docs.wso2.com/pages/viewpage.action?pageId=180948677](https://docs.wso2.com/pages/viewpage.action?pageId=180948677). * On December 11, 2021 all customers were informed of the immediate mitigation steps to be followed (and automation scripts required in applying temporary mitigations). Mitigation steps WSO2 provided were not affected by changes made in CVE-2021-45046. * WSO2 is current rolling out permanent updates related to all affected product versions.
CVE-2021-45046 Affected
Vendor Statement:
WSO2 has issued a public statement and an incident clarifications regarding CVE-2021-44228 and CVE-2021-45046 at [https://docs.wso2.com/pages/viewpage.action?pageId=180948677](https://docs.wso2.com/pages/viewpage.action?pageId=180948677). * On December 11, 2021 all customers were informed of the immediate mitigation steps to be followed (and automation scripts required in applying temporary mitigations). Mitigation steps WSO2 provided were not affected by changes made in CVE-2021-45046. * WSO2 is current rolling out permanent updates related to all affected product versions.

Xylem Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf

References

Yandex Cloud Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

Yellowfin BI Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
Current Yellowfin versions do not utilize log4j 1.x, and as such are not affected by this listing. NOTE: Yellowfin versions that use log4j 1.x follow: 7.x (End of Life) <= 8.0.8 <= 9.4 Guidance for users is to upgrade to Yellowfin 8.0.10.4 or 9.7.0.3 or higher.
CVE-2021-44228 Affected
Vendor Statement:
Yellowfin versions affected by this listing include: 9 series: 9.4.0 through 9.7.0.1 8 series: 8.0.8 - 8.0.10.4 Guidance for users is to upgrade to the newest versions of Yellowfin, available in our announcement.
CVE-2021-45046 Affected
Vendor Statement:
Yellowfin versions affected by this listing include: 9 series: 9.4.0 through 9.7.0.1 8 series: 8.0.8 - 8.0.10.4 Guidance for users is to upgrade to the newest versions of Yellowfin, available in our announcement.

Vendor Statement

Yellowfin has confirmed scenarios in which the software may be vulnerable to these issues.

All Yellowfin users are encouraged to update their environments to one of the following, non-vulnerable versions ASAP:

8.0.10.4

9.7.0.3

This patch upgrades log4j to 2.16, with links available on our latest builds page or via the Security Advisory on our Community page.

References

Zammad Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Affected
CVE-2021-45046 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

Zyxel Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Acronis Inc. Not Affected

Notified:  2021-12-13 Updated: 2021-12-20

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Adaptiva Not Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Advantech Czech Not Affected

Notified:  2021-12-12 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

Log4j is not used in products by Advantech Czech.

Afero Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

American Megatrends Incorporated (AMI) Not Affected

Notified:  2021-12-13 Updated: 2022-01-14

Statement Date:   January 13, 2022

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
Vendor Statement:
AMI is proud to announce that all products and customer-facing systems were not affected by CVE-2021-44228. AMI is committed to developing and maintaining industry leading SSDLC practices and processes. The result of this commitment is exemplified in AMI’s rapid response to CVE-2021-44228.
CVE-2021-45046 Not Affected
Vendor Statement:
AMI is proud to announce that all products and customer-facing systems were not affected by CVE-2021-45046.

Amplifi Not Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Android Open Source Project Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

The vulnerable JNDI lookup functionality in Log4j depends on javax packages that are not provided by the Android Java VM

Automox Not Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

AVM GmbH Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

B. Braun Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory/b-braun-statement-on-Apache_Log4j.html

Binarly Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cerberus LLC Not Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Check Point Not Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
JMSAppender isn't enabled.
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

Not affected.

References

Chocolatey Software Not Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Cloudflare Not Affected

Notified:  2021-12-13 Updated: 2022-01-04

Statement Date:   December 28, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
In examining our logs, we have found no evidence of exploitation of these vulnerabilities on Cloudflare's network. We have updated our software to prevent attacks, in some cases by upgrading log4j to a patched version and in other cases by removing log4j entirely. We have also implemented detection rules to prevent exploitation of these vulnerabilities against our customers.
CVE-2021-44228 Not Affected
Vendor Statement:
In examining our logs, we have found no evidence of exploitation of these vulnerabilities on Cloudflare's network. We have updated our software to prevent attacks, in some cases by upgrading log4j to a patched version and in other cases by removing log4j entirely. We have also implemented detection rules to prevent exploitation of these vulnerabilities against our customers.
CVE-2021-45046 Not Affected
Vendor Statement:
In examining our logs, we have found no evidence of exploitation of these vulnerabilities on Cloudflare's network. We have updated our software to prevent attacks, in some cases by upgrading log4j to a patched version and in other cases by removing log4j entirely. We have also implemented detection rules to prevent exploitation of these vulnerabilities against our customers.

References

Codero Not Affected

Notified:  2021-12-13 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ContentKeeper Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Cox Communications Not Affected

Notified:  2021-12-13 Updated: 2022-01-04

Statement Date:   January 03, 2022

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Crestron Electronics Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

After a comprehensive review of all of Crestron's products and services, it has been determined that none are using Log4j and therefore we are unaffected.

DNSFilter Not Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

DNSFilter has performed a full internal audit of its technology stack and determined that it is unaffected by this vulnerability. Log4j is not used in our services.

We have issued a public statement here: https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability

References

DrayTek Corporation Not Affected

Notified:  2021-12-13 Updated: 2021-12-22

Statement Date:   December 22, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

DrayTek is aware of the recently disclosed security issue (CVE-2021-4104 / CVE-2021-44228 / CVE-2021-45046 / CVE-2021-45105). After proceeding with verification, DrayTek confirms that the Vigor Routers, Access Ponts, Switches, VigorACS Central Management software, and MyVigor platform are not vulnerable to this “Log4Shell” exploit. You can feel safe using our DrayOS-based & Linux-based Vigor products, VigorACS Central Management Software, and the official website service. They are all with non-vulnerability to the "Log4Shell" exploit.

References

eCosCentric Not Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

no Apache sources in our RTOS

Efiia Not Affected

Notified:  2021-12-13 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We do not use any of the software affected.

F5 Networks Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
https://support.f5.com/csp/article/K24554520
CVE-2021-44228 Not Affected
Vendor Statement:
https://support.f5.com/csp/article/K19026212
CVE-2021-45046 Not Affected
Vendor Statement:
https://support.f5.com/csp/article/K32171392

Vendor Statement

CVE-2021-4104 https://support.f5.com/csp/article/K24554520 CVE-2021-44228 https://support.f5.com/csp/article/K19026212 CVE-2021-45046 https://support.f5.com/csp/article/K32171392

References

FreeBSD Project Not Affected

Notified:  2021-12-13 Updated: 2021-12-21

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

The FreeBSD Project does not ship Java or Apache log4j as part of the base operating system. While there are third-party packages available via the ports and pkg system that may be affected, the FreeBSD Project defers to each upstream project on their vulnerability status. Please see the referenced tracking bug that lists known affected ports and pkgs.

References

FreeRADIUS Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

FreeRADIUS is not affected by this vulnerability.

However, the RADIUS protocol allows for unknown users to attempt authentication. The user is in complete control over the RADIUS User-Name. The RADIUS server can produce logs containing the User-Name filed controlled by the attacker. Depending on the local site configuration, the logs may be consumed by something which eventually reaches a vulnerable log4j instance.

There is a good summary written by Radiator software https://blog.radiatorsoftware.com/2021/12/radius-servers-and-log4j-vulnerability.html

We agree with their analysis, and with their conclusions.

Fusion Auth Not Affected

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

gdnsd Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

gdnsd doesn't have any Java code and is categorically not impacted.

HardenedBSD Not Affected

Notified:  2021-12-13 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

HardenedBSD does not provide the affected version of Log4j in its package repos.

HCC Embedded Not Affected

Notified:  2021-12-13 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

HitmanPro Not Affected

Notified:  2021-12-13 Updated: 2021-12-17

Statement Date:   December 17, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
This does not affect our products. In non of our products we use Log4j.
CVE-2021-44228 Not Affected
Vendor Statement:
This does not affect our products. In non of our products we use Log4j.
CVE-2021-45046 Not Affected
Vendor Statement:
This does not affect our products. In non of our products we use Log4j.

Vendor Statement

This does not affect our products. In non of our products we use Log4j.

Illumos Not Affected

Notified:  2021-12-14 Updated: 2021-12-17

Statement Date:   December 17, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

illumos itself has no java that uses the log4j facility. Distributions should check their additions to confirm either no use of log4j, or that appropriate patches or mitigations occur.

ImageMagick Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Insyde Software Corporation Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

JFrog Not Affected

Notified:  2021-12-14 Updated: 2021-12-22

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Joomla Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

The Joomla CMS is not affected by the Log4J vulnerability as it's not based on Java.

Joyent Not Affected

Notified:  2021-12-14 Updated: 2021-12-20

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

See https://security.joyent.com/jsa-2021-003/ for our full statement.

Keycloak Not Affected

Notified:  2021-12-17 Updated: 2021-12-22

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

LANCOM Systems GmbH Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Legion of the Bouncy Castle Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

LemonLDAP Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

lighttpd Not Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

lighttpd does not use Java and is not vulnerable to log4j-related attacks.

If the lighttpd web server is in front of potentially vulnerable services, then lighttpd may be used to apply mitigations to protect potentially vulnerable services. A sample lua script for use with lighttpd mod_magnet is provided at https://wiki.lighttpd.net/AbsoLUAtion#security-responses

lwIP Not Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Macrium Not Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Unknown
Vendor Statement:
We have have neither log4j, nor any other Apache java component in our software stack. Therefore we can assert that we are not vulnerable to this class of attack.
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown
Vendor Statement:
We have have neither log4j, nor any other Apache java component in our software stack. Therefore we can assert that we are not vulnerable to this class of attack.

Vendor Statement

Neither Log4j, nor any Apache Java components form part of our software stack therefore Log4Shell isn't a concern.

Mbed TLS Not Affected

Notified:  2021-12-13 Updated: 2021-12-24

Statement Date:   December 23, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Medicomp Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Micrium Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Miredo Not Affected

Notified:  2021-12-14 Updated: 2021-12-20

Statement Date:   December 18, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Mobatek Not Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
MobaXterm software is fully developed in Delphi and C. It does not use any Java code, so it does not use Log4J or Log4shell
CVE-2021-44228 Not Affected
Vendor Statement:
MobaXterm software is fully developed in Delphi and C. It does not use any Java code, so it does not use Log4J or Log4shell
CVE-2021-45046 Not Affected
Vendor Statement:
MobaXterm software is fully developed in Delphi and C. It does not use any Java code, so it does not use Log4J or Log4shell

Vendor Statement

MobaXterm software is fully developed in Delphi and C. It does not use any Java code, so it does not use Log4J or Log4shell

Momentum Not Affected

Notified:  2021-12-14 Updated: 2021-12-17

Statement Date:   December 17, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Muonics Inc. Not Affected

Notified:  2021-12-14 Updated: 2021-12-24

Statement Date:   December 23, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

Apache Log4j is not used by any Muonics, Inc. products.

netsnmp Not Affected

Notified:  2021-12-14 Updated: 2021-12-22

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

NGINX Not Affected

Notified:  2021-12-14 Updated: 2021-12-22

Statement Date:   December 22, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

NTPsec Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

OnApp Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

OneScreen Not Affected

Notified:  2021-12-14 Updated: 2021-12-22

Statement Date:   December 22, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Ontario Systems Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

Customers can retrieve information on any affected products by visiting the respective product site.

References

OpenSSL Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenWRT Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Opera Software Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

OrbiTeam Software GmbH Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
BSCW is programmed in Python, so it is not vulnerable.
CVE-2021-44228 Not Affected
Vendor Statement:
BSCW is programmed in Python, so it is not vulnerable.
CVE-2021-45046 Not Affected
Vendor Statement:
BSCW is programmed in Python, so it is not vulnerable.

OTRS Not Affected

Notified:  2021-12-14 Updated: 2021-12-18

Statement Date:   December 17, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

OTRS is not written in JAVA therefore not affected. 3rd Party components in local installations e.g. Elasticsearch may be affected. Elasticsearch in our SaaS platform was preventative mitigated according to the recommendation of Elasticsearch

pfSense Not Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
Neither pfSense Plus nor CE software use Java. Neither Java nor log4j are available to install manually on pfSense software from Netgate package servers.
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected
Vendor Statement:
Neither pfSense Plus nor CE software use Java. Neither Java nor log4j are available to install manually on pfSense software from Netgate package servers.

Vendor Statement

Neither pfSense Plus nor CE software use Java. Neither Java nor log4j are available to install manually on pfSense software from Netgate package servers.

Pi-Hole Not Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Pragma Systems Not Affected

Notified:  2021-12-14 Updated: 2022-01-04

Statement Date:   January 04, 2022

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

Pragma Systems products are not impacted by the critical Apache Log4j vulnerability known as CVE-2021-44228. Pragma Telemote, Pragma Telemote Viewer, Pragma Fortress SSH Server, Pragma Fortress SSH Client and Pragma TelnetServer do not use any java libraries in the products.

Please see our formal statement at https://www.pragmasys.com/news/press-release-apach-log4j-vulnerabillity.

pUPNP Not Affected

Notified:  2021-12-14 Updated: 2021-12-17

Statement Date:   December 17, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Qmail-TLS Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Rocket.Chat Not Affected

Notified:  2021-12-21 Updated: 2021-12-21

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://github.com/RocketChat/Rocket.Chat/issues/23927

Rust Security Response WG Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 16, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

log4j is not distributed as part of the Rust toolchain, and the library is not present in the Rust project infrastructure either

Securepoint GmbH Not Affected

Notified:  2021-12-14 Updated: 2022-01-12

Statement Date:   January 12, 2022

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Sendmail Consortium Not Affected

Notified:  2021-12-14 Updated: 2021-12-20

Statement Date:   December 20, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

Open source sendmail is not affected.

Synology Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

References

Treck Not Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Trend Micro Not Affected

Notified:  2021-12-14 Updated: 2021-12-17

Statement Date:   December 17, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

https://success.trendmicro.com/solution/000289940

References

TwinOaks Computing Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

CoreDX DDS does not use or include log4j, and is therefore not impacted by CVE-2021-44228.

VanDyke Software Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

VanDyke Software products do not use Java and do not use the Apache Log4j library. The Log4j vulnerability is not applicable to VanDyke Software products.

Wind River Not Affected

Notified:  2021-12-14 Updated: 2022-01-04

Statement Date:   December 27, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Wireshark Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

Neither Wireshark nor its web sites are affected.

References

XigmaNAS Not Affected

Notified:  2021-12-14 Updated: 2021-12-21

Statement Date:   December 21, 2021

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

X.org Foundation Not Affected

Notified:  2021-12-14 Updated: 2022-01-07

Statement Date:   January 07, 2022

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

The X.Org Foundation does not publish or maintain any software written in Java or that otherwise includes or depends on Apache Log4j.

xpdf Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

YARDRADIUS Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zephyr Project Not Affected

Notified:  2021-12-14 Updated: 2021-12-16

Statement Date:   December 15, 2021

CVE-2021-4104 Not Affected
Vendor Statement:
The Zephyr project does not make use of Java in our codebase.
CVE-2021-44228 Not Affected
Vendor Statement:
The Zephyr project does not make use of Java in our codebase.
CVE-2021-45046 Not Affected
Vendor Statement:
The Zephyr project does not make use of Java in our codebase.

Vendor Statement

The Zephyr project is a small, embedded, microcontroller RTOS. As such, it does not make use of Java, or any packages written in Java, and is unaffected by these vulnerabilities.

Zoho Not Affected

Notified:  2021-12-14 Updated: 2022-01-07

Statement Date:   January 07, 2022

CVE-2021-4104 Not Affected
CVE-2021-44228 Not Affected
CVE-2021-45046 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Zscaler Not Affected

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Not Affected
CVE-2021-45046 Unknown

Vendor Statement

Zscaler security team has analyzed the use of log4j in all its products. All use of vulnerable libraries have been remediated and the systems analyzed for compromise. There was no impact identified because of this vulnerability and Zscaler is no longer affected.

References

Honeywell Unknown

Notified:  2021-12-13 Updated: 2021-12-18

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Pulse Secure Unknown

Notified:  2021-12-14 Updated: 2021-12-22

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

Puppet Unknown

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/

PURESTORAGE Unknown

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)

https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592

Rubrik Unknown

Notified:  2021-12-14 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK

https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592

SanDisk Corporation Unknown

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

This is the only statement we are prepared to make at this time

https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis

References

Saviynt Unknown

Notified:  2021-12-14 Updated: 2021-12-18

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

https://saviynt.freshdesk.com/en/support/solutions/articles/43000651898-cve-2021-44228

Scytl Unknown

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://twitter.com/Shadow0pz/status/1469329119439687682

SmileCDR Unknown

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228

Vespa - AI, Engine Unknown

Notified:  2021-12-17 Updated: 2021-12-21

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md

Western Digital Technologies Unknown

Notified:  2021-12-14 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

This is the only statement we are prepared to make at this time.

https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis

References

2Wire Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

3proxy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

7-Zip.org Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

8e6 Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

A10 Networks Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

A51 DOO Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AbanteCart Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Abbott Labs Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Accela Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Accellion Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ACCESS Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Acclaim Games Incorporated Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Accuphase Laboratory, Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Acer Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ACME Packet Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AcoInfo SylixOS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Acresso Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ACROS Security Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Actelis Networks Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ACTi Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Actiontec Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Adaptec Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ADATA Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AddOn Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AdTrustMedia Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Advance Pro Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Advantech Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Advantech B-B Technology Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AdventNet Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AERAsec Network Services and Security GMbH Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aerohive Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Agile FleetCommander Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AhnLab Inc Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Airbus Group Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AirDroid Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Airspan Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AirWatch Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AjaXplorer Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Akamai Technologies Inc. Unknown

Notified:  2021-12-12 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aker Security Solutions Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aladdin Systems Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alcatel-Lucent Enterprise Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alertus Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

algosec Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alibaba AliOS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Allegro Software Development Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Allied Telesis Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ALLNET GmbH Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Allround Automations Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alpine Linux Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alpwise Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alstom Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alstrasoft Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AltiGen Communications Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alt-n Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Altran Intelligent Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ambir Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AMD Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

American Power Conversion Corp. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AMTELCO Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

am-utils Developer Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

amx Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Analog Devices Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Analogic Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Anova Culinary, Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ANTlabs Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apache Dubbo Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apache HTTP Server Project Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apache Traffic Server Project Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apache XML Security Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aperto Networks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Appeal Virtual Machines Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apple Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Application Security Inc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Applied Informatics GmbH Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apply Yourself Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AppsGeyser Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Appthority Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aptexx Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Arcadyan Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Arch Linux Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ardent Software Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AREVA T&D Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Armis Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ARM Limited Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ARRIS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Artifex Software Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Asante Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Asavie Technologies Ltd Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aspen Tech Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AssureBridge Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Astaro Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ASUSTeK Computer Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ASUSTOR Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aternity Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Atheros Communications Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AtMail Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Atmo O Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Atom Security, Inc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Atos SE Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Atredis Partners Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AT&T Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Attachmate Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

At Telekon Austria AG Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Audio-Technica Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aurigma Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Authentium Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AuthLite Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Authy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Autodemo Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Autodesk Inc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Auto-Maskin AS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Automated Solutions Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Automatic Data Processing Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AutoMobility Distribution Inc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Autonomy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avahi mDNS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avast Antivirus Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avaya Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AVer Information Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AvertLabs Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avet Information and Network Security Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aveva Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

AVG Anti-virus Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avigilon Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avionica Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Avira Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Axigen Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Axis Communications Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

axTLS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BackupPC Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BackWeb Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BAE Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bahamut Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Baltimore Technologies Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bank of America Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

baramundi software AG Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Barracuda Networks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Baxter US Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BB&T Bank Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BDT Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Beeline Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Belden Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Belkin Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bell Aliant Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bell Canada Enterprises Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BellSouth Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bert Hubert Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Best Buy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BiBa SOFTWARE Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BigAntSoft Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Billion Electric Co Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bit9 Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bitdefender Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bitium Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BitRouter Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bitvise Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BitZipper Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bizagi Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bizanga Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlackBerry Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blackberry QNX Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blackboard Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Black Box Network Services UK Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blankom Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlazeVideo Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

blojsom Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bloxx Ltd Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlueCat Networks Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blue Coat Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bluehost Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bluetooth SIG Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blunk Microsystems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BLU Products Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Boeing Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bomgar Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BoonEx Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Booz Allen Hamilton Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Borderware Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BoringSSL Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Botan Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bounce Test Unknown

Notified:  2021-12-13 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Box Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BPC Banking Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bradford Networks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Brave Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BreakingPoint Systems Inc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

British Sky Broadcasting Ltd Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Broderbund at Riverdeep Interactive Larning Limited Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Bromium Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Brother USA Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Buffalo Technology Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

BullGuard Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Business Objects Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cable & Wireless Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CacheGuard Technologies Ltd Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cactusoft Ltd Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cadence Design Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cafelog Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CalAmp Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cambium Networks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Canoga Perkins Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Canon Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Carel Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CareStream Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Casaba Security Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CaseWorthy Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CatBird Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CA Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Caterpillar Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Caucho Technology Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cavium Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CCww Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CDNsun Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CentOS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Centreon Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Centrify Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cenzic Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ceragon Networks Inc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CERT/CC Unknown

Notified:  2021-12-13 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Certicom Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CERT Orange Cyberdefense Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cerulean Studios Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cesanta Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Chandler Carruth Unknown

Notified:  2021-12-13 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Charles Schwab Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Chatterbox Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Checkbox Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Chiyu Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cincom Systems Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cirpack Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CISA Industrial Control Systems Vulnerability Management and Coordination Unknown

Notified:  2021-12-13 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CISA Integrated Operations Coordination Center (CIOCC) Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CISA Service Desk Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CISA Vulnerability Management and Disclosures Unknown

Notified:  2021-12-13 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cistron Radius Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Citect Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CKAN Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Clam AntiVirus Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cleo Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CleverFiles Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Clever, Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CloudAtCost Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cloudmark Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cluster Resources Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CMS Made Simple Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CMX Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CNT Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cobham plc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CodeLathe Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cog Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cogix Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Coherent Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CollabNet Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Columbia SIP User Agent (SIPC) Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Comcast Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Commscope Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

COMODO Security Solutions, Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ComponentSpace Pty Ltd Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CompuServe Incorporated Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Comsys Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Conectiva Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Conference and Publication Services LLC Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Connect2id Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Connectwise Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Consona Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Content Watch Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Contiki OS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Convedia Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

COP USA Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Copy9 Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

core_blanco_eissler Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Corel Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CoSoSys Endpoint Security Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CouchBase Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Courier-mta Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Coyote Point Systems Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cray Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Creative Labs Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CREDANT Technologies Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Creek Audio Ltd Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cricket Wireless Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Critical Path Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Crossbeam Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Crucial Technology Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cryoserver Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CrypKey Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cryptlib Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Crypto++ Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CSCare Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CS-Cart Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CSL DualCom Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cummings Engineering Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CuteSoft Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CUworld Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CVS Home Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CVSTrac Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CWD Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cyanconnode AB Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CyberLink Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cyberoam Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CyberSafe Limited Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CyberSoft Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cyclades Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cylance Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cypherbridge Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cypress Semiconductor Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cyrus-IMAP Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cytiva Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

CZ.NIC Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dahua Security Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Daihen Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Daktronics Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DameWare Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dan Bernstein Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Danish e-Infrastructure Cooperation (WAYF) Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DansGuardian Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dassault Systemes Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DATAC Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Data Connection Ltd. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Datalex Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Datameer Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dataprobe, Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Datto Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Datum Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DBPOWER Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

dBpoweramp Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

dd-wrt Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dedicated Micros Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dentrix Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dentsply Sirona Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DENX Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DesignCrowd Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DesktopBSD Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Desoutter Industrial Tools Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Deterministic Networks Inc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Deuterium Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Deutsche Telekom Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Devicescape Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Devon IT Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dexis Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DFLabs Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DIDI Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Diebold Election Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Diebold Nixdorf Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digicast Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DigiCert Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digicom Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digi International Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digital Alert Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digital River Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digitus Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DirecTV Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Discord Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Discretix Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Distinct Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DivX Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

D-Link Systems Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

dnsmasq Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dobysoft Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Docker Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DocuSign Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Doogee Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

dotCMS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DotNetNuke Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dovestones Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DragonFly BSD Project Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DropWizard Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DTE Energy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Duo Security Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

DyKnow Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dynabook Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dynatrace Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

EasyVista Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Eaton Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

eBay Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

E-Book Systems Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ecava Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Eclipse Foundation Inc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ECSystems.nl Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Edgewall Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Edimax Computer Company Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

eero Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

EfficientIP Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

EFI Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

EFS Technology Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Egnite Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

eIQnetworks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ektron Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Eland Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ElcomSoft Co. Ltd. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Electronic Arts Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Electronic Frontier Foundation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Elisa Costante Unknown

Notified:  2021-12-13 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Elspec Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Embarcadero Technologies Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Embed This Go Ahead Web Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Emerson Network Power Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Enablence Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Encore Electronics Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ENEA Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Engarde Secure Linux Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Entegrity Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Enterasys Networks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Entercept Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Entr'ouvert Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Entrust Datacard Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Envoy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Epic Systems Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Epiphany Healthcare Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Epsilon Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ERDAS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ericsson Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ER Mapper Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ESET LLC. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

eSignal Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Espressif Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ethernut Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Exadel Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Experian Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Express Logic Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Extreme Networks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Facebook Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fail2ban Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FairCom Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fanuc America Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fastly Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fedora Project Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ffmpeg Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fiat Chrysler Automobiles Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fidelity FMR Corp. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FiiO Electronics Technology Co., Ltd. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FireFTP Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fitbit Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fives Landis Group Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FLAC Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FlashRouters Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Flash Seats Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Flexera Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FlexVision Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Florian Weimer Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fluke Networks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FMA Risk Management Solutions Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FNet Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fonality Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fone Tracker Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Force10 Networks Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ford Motor Company Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

ForgeRock Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Foxit Software Company Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

F-PROT AVS by Frisk Software International Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fraunhofer Institut Integrierte Schaltungen IIS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FreePBX Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FTP Software Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FtpUse Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fuji Electric Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

FujiFilm Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

fuse-nfs Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GamaSEC Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GameTap-Turner Broadcasting subsidiary Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gamma Tech Computer Corp. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Garmin International, Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

Statement Date:   December 14, 2021

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GateHouse Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

G DATA Software AG Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GEAR Software Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gemalto AV Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

General Dynamics Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

General Electric Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

General Motors Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gentoo Linux Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GETAC Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Getjar Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GFI Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GIGABYTE Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gigasys Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gilat Network Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Github Security lab Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GitLab Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Global Eagle Entertainment Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Global IP Solutions Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GlobalSign Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Global Technology Associates Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gnash Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNOME Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU adns Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU Compiler Collection Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU glibc Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU Grub Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GnuPG Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU Sharutils Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GnuTLS Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU wget Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GoAnywhere Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Good Technology Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Go Programming Language Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GPS Insight Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gracenote Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Grandstream Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Granite Data Services Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GraphicsMagick Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Grass Valley Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Green Hills Software Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Green Packet Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

gRPC Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Grumman System Support Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

GSMA Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Guangzhou Gaoke Communications Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Guest Spy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Guidance Software Inc. Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gurock Software GmbH Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gynoii Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Halaxy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Haliplex Communication Systems Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hanvon Technology Co Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hanwha Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

HAProxy Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Harman Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Harris Corporation Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

HelpSystems Unknown

Notified:  2021-12-17 Updated: 2021-12-17

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hewlett Packard Enterprise Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hex Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

HiFime Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hikvision Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hillstone Unknown

Notified:  2021-12-13 Updated: 2021-12-15

CVE-2021-4104 Unknown
CVE-2021-44228 Unknown
CVE-2021-45046 Unknown

Vendor Statement

We have not received a statement from the vendor.

HiSilicon Unknown

Notified:  2021-12-13