Overview
Apache Log4j allows insecure JNDI lookups that could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the vulnerable Java application using Log4j.
CISA has published Apache Log4j Vulnerability Guidance and provides a Software List.
Description
The default configuration of Apache Log4j supports JNDI (Java Naming and Directory Interface) lookups that can be exploited to exfiltrate data or execute arbitrary code via remote services such as LDAP, RMI, and DNS.
This vulnerability note includes information about the following related vulnerabilities.
-
CVE-2021-44228 tracks the initial JNDI injection and RCE vulnerability in Log4j 2. This vulnerability poses considerabily more risk than the others.
-
CVE-2021-4104 tracks a very similar vulnerability that affects Log4j 1 if JMSAppender and malicious connections have been configured.
-
CVE-2021-45046 tracks an incomplete fix for CVE-2021-44228 affecting Log4j 2.15.0 when an attacker has "...control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern."
We provide tools to scan for vulnerable jar files.
More information is available from the Apache Log4j Security Vulnerabilities page, including these highlights.
Certain conditions must be met to make Log4j 1.x vulnerable:
Log4j 1.x mitigation: Log4j 1.x does not have Lookups so the risk is lower. Applications using Log4j 1.x are only vulnerable to this attack when they use JNDI in their configuration. A separate CVE (CVE-2021-4104) has been filed for this vulnerability. To mitigate: audit your logging configuration to ensure it has no JMSAppender configured. Log4j 1.x configurations without JMSAppender are not impacted by this vulnerability.
Log4j API code alone is not affected:
Note that only the log4j-core JAR file is impacted by this vulnerability. Applications using only the log4j-api JAR file without the log4j-core JAR file are not impacted by this vulnerability.
Impact
A remote, unauthenticated attacker with the ability to log specially crafted messages can cause Log4j to connect to a service controlled by the attacker to download and execute arbitrary code.
Solution
In Log4j 2.12.2 (for Java 7) and 2.16.0 (for Java 8 or later) the message lookups feature has been completely removed. In addition, JNDI is disabled by default and other default configuration settings are modified to mitigate CVE-2021-44228 and CVE-2021-45046.
For Log4j 1, remove the JMSAppender class or do not configure it. Log4j 1 is not supported and likely contains unfixed bugs and vulnerabilities (such as CVE-2019-17571).
For applications, services, and systems that use Log4j, consult the appropriate vendor or provider. See the CISA Log4j Software List and the Vendor Information section below.
Workarounds
Remove the JndiLookup class from the classpath, for example:
zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
As analysis has progressed, certain mitigations have been found to be less effective or incomplete. See "Older (discredited) mitigation measures" on the Apache Log4j Security Vulnerabilities page.
SLF4J also recommends write-protecting Log4j configuration files.
Acknowledgements
Apache credits Chen Zhaojun of Alibaba Cloud Security Team for reporting CVE-2021-44228 and CVE-2021-4104 and Kai Mindermann of iC Consult for CVE-2021-45046.
Much of the content of this vulnerability note is derived from Apache Log4j Security Vulnerabilities and http://slf4j.org/log4shell.html.
This document was written by Art Manion.
Vendor Information
ABB Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
Please refer to the list of cyber security advisories on the ABB website: https://global.abb/group/en/technology/cyber-security/alerts-and-notifications
References
Adobe Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
https://helpx.adobe.com/security/products/log4j-2-advisory.html
References
ADTRAN Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
ADTRAN has published security advisory ADTSA-2021004 regarding CVE-2021-4104, CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105. Please see the advisory linked in the reference section below for additional details.
References
Amazon Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Apache Commons Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Apache Solr Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Apache Solr releases prior to 8.11.1 were using a bundled version of the Apache Log4J library vulnerable to RCE (see CVE-2021-44228). Malicious input from a user-supplied query string (or any other URL request parameter like request handler name) is logged by default with log4j.
Apache Solr releases prior to 7.4 (i.e. Solr 5, Solr 6, and Solr 7 through 7.3) use Log4J 1.2.17 which may be vulnerable for installations using non-default logging configurations that include the JMS Appender (see CVE-2021-4104).
In response to the vulnerabilities, the Apache Solr team released version Solr 8.11.1 that bundles log4j 2.16.0. An update to 2.17.0 (or later) will be done with the next maintenance release as Solr is not vulnerable to CVE-2021-45105 (see below).
Apache Solr releases are not vulnerable to the followup CVE-2021-45046 and CVE-2021-45105, because the MDC patterns used by Solr are for the collection, shard, replica, core and node names, and a potential trace id, which are all sanitized and injected into log files with "%X". Passing system property log4j2.formatMsgNoLookups=true is suitable to mitigate.
Solr's Prometheus Exporter uses Log4J as well but it does not log user input or data, so we don't see a risk there.
References
Apache Spark Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Apache Struts Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Apache Tomcat Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Apereo Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Arista Networks Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Affected |
| Vendor Statement: | |
| Affected: * Embedded Fabric Analytics module for Converged Cloud Fabric (formerly Big Cloud Fabric) - CCF / BCF earlier than 5.3.0 | |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| Affected * CloudVision Portal * 2019.1.0 and all later releases (*) * CloudVision Wi-Fi, virtual appliance or physical appliance * 8.8 and all later releases * Analytics Node for DANZ Monitoring Fabric (formerly Big Monitoring Fabric) * DMF (BMF) 7.0.0 and later (*) * Analytics Node for Converged Cloud Fabric (formerly Big Cloud Fabric) * Analytics Node 7.0.0 and later (*) * Embedded Fabric Analytics module for Converged Cloud Fabric (formerly Big Cloud Fabric) * CCF (BCF) 5.3.0 and later (*) (*) The affected products use Log4j indirectly through Elasticsearch and/or Logstash. Based on Arista’s analysis of the use of these modules and information provided by Elastic, we believe there is no vulnerability of Remote Code Execution. There is a possibility of Information Leak and/or Denial-of-Service and we recommend the mitigations be implemented. Not Affected * Arista EOS-based products * CloudVision physical appliance * Arista 7130 Systems running MOS * Awake Security Platform * Arista Wireless Access Points * Other Components of Converged Cloud Fabric and DANZ Monitoring Fabric * DMF: Controller, Service Node, Recorder Node * Switchlight OS * Multi-Cloud Director | |
| CVE-2021-45046 | Not Affected |
References
Aruba Networks Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
Aruba has issued a security advisory regarding our status in regards to CVE-2021-44228. It can be found at the case reference below. Most of our products are unaffected, but Silver Peak Orchestrator is affected in some configurations. See the advisory for more detail.
References
Atlassian Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| This affects the following non-default, unsupported configurations: - The JMS Appender is configured in the application's Log4j configuration - The javax.jms API is included in the application's CLASSPATH - An attacker configures the JMS Appender with a malicious JNDI lookup - One of the following Atlassian products is being used: * Bamboo Server and Data Center * Confluence Server and Data Center * Crowd Server and Data Center * Fisheye / Crucible * Jira Service Management Server and Data Center * Jira Software Server and Data Center (including Jira Core) | |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| Bitbucket Server and Data Center are vulnerable to CVE-2021-44228. Systems are vulnerable when configured to use the version of Elasticsearch bundled with Bitbucket Server and Data Center. | |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| Atlassian on-premises products are not vulnerable to CVE-2021-45046. | |
Atos SE Affected
Statement Date: February 04, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Bull Sequana servers are not using the vulnerable component. For BullSequana SA servers availability (Downloads/tools) of GSM_Doctor_v1_06 & Server_utility_cli_2.1.50 with Log4j 2.17 updates.
References
Baidu Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
beyondtrust Affected
Statement Date: December 22, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
BMC Software Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
BOSCH Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
Broadcom Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Brocade Communication Systems Affected
Statement Date: December 22, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Brocade has investigated its product line to determine the exposure of Brocade Fibre Channel products from Broadcom. Brocade continues to monitor all sources of information related to these vulnerabilities. Brocade Security Advisory is at: https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2021-1651
Caelo NELSON Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Cisco Affected
Statement Date: December 10, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Citrix Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Commvault Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
cPanel Inc. Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Cradlepoint Affected
Statement Date: January 12, 2022
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/
NetCloud OS (NCOS) does not use java, thus, Cradlepoint devices are unaffected by the Log4J vulnerabilities.
The Cradlepoint incident response team investigated, identified and patched vulnerable versions of Log4J in its cloud services, NetCloud Manager (NCM) and NetCloud Perimeter, as patches became available.
CVSNT Affected
Statement Date: December 18, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
No products are affected. Customers are NOT affected. There is an impact on some of our web services (eg: customer downloads). Mitigations for CVE-2021-44228 have been applied as of December 14, 2021. Revised mitigations for CVE-2021-44228 and also mitigations for CVE-2021-45046 have been applied as of December 18, 2021.
Debian GNU/Linux Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Dell Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Dell EMC Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Elastic logstash Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Environmental Systems Research Institute Inc Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Exim Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Forcepoint Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
ForeScout Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Fortinet Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
F-Secure Corporation Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Fujitsu Affected
Statement Date: January 14, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
Fujitsu is aware of the security vulnerabilities in software Apache log4j ("Log4Shell").
Affected products are Fujitsu Software ServerView Suite (SVS) and Fujitsu SecDocs. Updates are available.
The Fujitsu PSIRT has issued Fujitsu PSS-IS-2021-121000 on https://security.ts.fujitsu.com (Security Notices) accordingly.
In case of questions regarding this Fujitsu PSIRT Security Notice, please contact the Fujitsu PSIRT (Fujitsu-PSIRT@ts.fujitsu.com).
References
GitHub Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Google Affected
Statement Date: January 13, 2022
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
Google Cloud is actively following the security vulnerabilities in the open-source Apache “Log4j 2" utility (CVE-2021-44228 and CVE-2021-45046). We are also aware of the reported Apache “Log4j 1.x” vulnerability (CVE-2021-4104). We encourage customers to update to the latest version of Log4j 2. We are currently assessing the potential impact of the vulnerability for Google Cloud products and services. This is an ongoing event and we will continue to provide updates through this page (https://cloud.google.com/log4j2-security-advisory) and our customer communications channels.
Based on our findings, Google Workspace core services for consumer and paid users are not using Log4j 2 and are not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. See below for a detailed status of the Workspace core services and other related products.
We recommend Google customers review all third-party apps and solutions accessing their data and validate the security status of those apps with their respective vendors. More details on managing apps authorized to access Google Workspace data are here and customers can review their list of solutions from the Google Cloud Marketplace by logging into their account. We also recommend validating the security status of any apps developed and deployed by customers within their environments.
References
GrayLog Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Hitachi Affected
Statement Date: January 04, 2022
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
HIRT-PUB21001 : Apache Log4j Vulnerability https://www.hitachi.com/hirt/publications/hirt-pub21001
References
Hitachi Energy Affected
Statement Date: December 18, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
For published advisories related to the Apache Log4j, please refer to https://www.hitachienergy.com/cybersecurity/alerts-and-notifications
Our cybersecurity notification on Apache Log4j vulnerabilities can be found here: https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch
References
Hostifi Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
HP Inc. Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Huawei Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
IBM Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
- https://www.ibm.com/blogs/psirt/
- https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/
CERT Addendum
Multiple products affected. See https://www.ibm.com/blogs/psirt/ for information on IBM products.
Imperva Inc. Affected
Statement Date: December 29, 2021
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
Imperva Threat Research is continuing to monitor, create, test and deploy CVE-specific security rules based on new attack variants for all of our customers. We will keep all our customers notified as this progresses.
We continue to scan and patch vulnerabilities in our products and infrastructure as these CVEs are posted.
References
Informatica Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
- https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update
- https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-updates-for-Informatica-Cloud-and-Cloud-Hosted-Software?language=en_US
- https://knowledge.informatica.com/s/article/Log4J-remediation-for-Informatica-Data-Quality?language=en_US
- https://knowledge.informatica.com/s/article/Apache-log4j-Zero-day-RCE-Vulnerability-CVE-2021-44228-Updates-for-Informatica-On-premises-Products?language=en_US
Intel Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
Our security teams are aware of this issue and are in the process of investigating the impact of the Apache log4j security vulnerability on Intel products/software. As with all security vulnerability, this is being treated as a high priority within Intel and Intel will provide our customers with updates as our investigation progresses.
Ivanti Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
JAMF software Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Jenkins Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
JetBrains Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Jitsi Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
kafka Apache Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
KPN-CERT Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
Pretty much everyone worldwide is affected by this, and coordinating large-scale response efforts in determining where vulnerable log4j instances are present.
Lucent Sky Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
McAfee Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
Public KB published and being updated - https://kc.mcafee.com/agent/index?page=content&id=KB95091 Includes coverage from our protection products and a link to the registered security bulletin with details on the impact to our products.
Metabase Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Microsoft Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
Microsoft's guidance for CVE-2021-44228 can be found at https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ and will be updated as more information becomes available.
References
Minecraft Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
N-able Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
National Instruments (NI) Affected
Statement Date: December 23, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
The impact to NI products is described in the security advisory at https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html This security advisory will be updated as new information is available.
Questions regarding this advisory can be directed to NI's PSIRT (product-security@ni.com). Additional security information is available at https://ni.com/security.
References
NetApp Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
NetEase Games Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Netflix Inc. Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Newrelic Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
NVIDIA Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| NVIDIA Security Notice/Response link: https://nvidia.custhelp.com/app/answers/detail/a_id/5294 | |
| CVE-2021-45046 | Unknown |
Vendor Statement
Security Notice: NVIDIA Response to Log4j Vulnerability (CVE-2021-44228) - December 2021
References
openHAB Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
OpenMRS Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
OpenNMS Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
OpenSearch Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Oracle Corporation Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
PagerDuty Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Palo Alto Networks Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
PaperCut Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Real-Time Innovations (RTI) Affected
Statement Date: December 22, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| RTI products using Log4j 1.x do not use JMSAppender | |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| RTI Micro Application Generator is affected in versions 1.0.0 and 1.0.1 | |
| CVE-2021-45046 | Affected |
| Vendor Statement: | |
| RTI Micro Application Generator is affected in versions 1.0.0 and 1.0.1 | |
Red Hat Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
Please consult with our published Red Hat Security Bulletin RHSB-2021-009 for list of affected products, updates, and mitigation options related to this CVE.
References
Redis Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
Redis Enterprise Cloud, Enterprise Software and Open Source Redis is not vulnerable.
However, Redis Java Clients - Jedis is vulnerable.
Jedis is a Redis sponsored Java client. It uses the affected library in test suites only. A new Jedis release is now available that mitigates the vulnerability. End users are advised to evaluate their exposure to determine upgrade urgency.
https://redis.com/security/notice-apache-log4j2-cve-2021-44228/
Rockwell Automation Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Our updated disclosure article is below
References
RSA Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501
SailPoint Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
- https://developer.sailpoint.com/discuss/t/sailpoint-saas-services-response-to-log4j-remote-code-execution-vulnerability/2345
- https://developer.sailpoint.com/discuss/t/sailpoint-saas-services-response-to-log4j-remote-code-execution-vulnerability/2346
- https://community.sailpoint.com/t5/Community-Announcements/IdentityNow-Log4j-RCE-Vulnerability-Update-Patched-version-of/ba-p/206977
- https://community.sailpoint.com/t5/Community-Announcements/Update-Log4j-Vulnerability/ba-p/206705
salesforce.com Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://help.salesforce.com/s/articleView?id=000363736&type=1
SAP SE Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://layersevensecurity.com/securing-sap-systems-from-log4j-exploits/#:~:text=Log4J%20is%20included%20in%20multiple%20SAP%20applications%20including,official%20response%20for%20details%20of%20all%20impacted%20products.
SAS Affected
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Security Onion Solutions Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
On 2021/12/10, Security Onion Solutions released an initial hotfix to address log4j.
On 2021/12/13, Security Onion Solutions released a second hotfix to address log4j.
On 2021/12/21, Security Onion Solutions released Security Onion 2.3.91 which updates Log4j to 2.17.0.
References
- https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html
- https://blog.securityonion.net/2021/12/security-onion-2390-20211213-hotfix-now.html
- https://blog.securityonion.net/2021/12/security-onion-2391-now-available.html
CERT Addendum
https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html
Sendmail Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
Please see URL for the full table for the details on individual Proofpoint products. Open source sendmail is covered separately by the "Sendmail Consortium" vendor in the CERT vulnerability note.
References
ServiceNow Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
- https://support.servicenow.com/now?id=ns_search&q=log4j&s=true&pp=kb_article_view
- https://community.servicenow.com/community?id=community_article&sys_id=26ccd67cdb2c0590b5d6e6be1396198f
CERT Addendum
https://support.servicenow.com/now?id=ns_search&q=log4j&s=true&pp=kb_article_view
https://community.servicenow.com/community?id=community_article&sys_id=26ccd67cdb2c0590b5d6e6be1396198f
Siemens Affected
Statement Date: December 18, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
The impact to Siemens products is described in the Security Advisory SSA-661247, published on the Siemens ProductCERT page (https://www.siemens.com/cert/advisories).
In case of questions regarding this Security Advisory, please contact Siemens ProductCERT (productcert@siemens.com).
References
Sierra Wireless Affected
Statement Date: January 14, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| See our security bulletin for details and subscribe to get notifications. | |
| CVE-2021-45046 | Not Affected |
Software AG Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849
SolarWinds Affected
Statement Date: December 18, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| SolarWinds reviewed all product source code and found the following conditions: None of the SolarWinds products are affected by this vulnerability. It’s important to note the Orion Platform core is not affected and does not utilize Apache Log4j. | |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| SolarWinds reviewed all code and found the following conditions: The only two SolarWinds products we have identified as affected by this vulnerability are Server & Application Monitor (SAM) and Database Performance Analyzer (DPA). We have not identified any other SolarWinds products as affected by this vulnerability. It’s important to note the Orion Platform core is not affected and does not utilize Apache Log4j. Mitigation steps for CVE-2021-44228 vulnerability were made public on December 12, 2021. | |
| CVE-2021-45046 | Affected |
| Vendor Statement: | |
| SolarWinds reviewed all product source code and found the following conditions: The only two SolarWinds products we have identified as affected by this vulnerability are Server & Application Monitor (SAM) and Database Performance Analyzer (DPA). We have not identified any other SolarWinds products as affected by this vulnerability. It’s important to note the Orion Platform core is not affected and does not utilize Apache Log4j. Mitigation Steps for CVE-2021-44228 vulnerability were made public on December 12, 2021. Mitigation Steps were updated with Log4j 2.16 after Apache released the Log4j 2.16 version on December 13, 2021. | |
References
- ttps://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228
- https://support.solarwinds.com/SuccessCenter/s/article/Server-Application-Monitor-SAM-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228
- https://support.solarwinds.com/SuccessCenter/s/article/Database-Performance-Analyzer-DPA-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228
SonarSource Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721
SonicWall Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032
Sophos Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
sourceforge Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
"Updated POMs for Log4j 2.16.0. Updated Changelog" https://github.com/bpangburn/swingset/commit/80c6a542d166f8fe8232d87595fcad7c4028760d
Splunk Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
Spring. Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
- https://kb.vmware.com/s/article/87068?lang=en_US
- https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
CERT Addendum
https://kb.vmware.com/s/article/87068?lang=en_US
https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot
Supermicro Affected
Statement Date: December 22, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
SUSE Linux Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
SUSE Linux Enterprise products are not affected by this vulnerability. SUSE Manager is not affected. SUSE Rancher is not affected. SUSE NeuVector is not affected. A component of SUSE OpenStack Cloud (storm) includes log4j, but likely not user reachable.
References
Synopsys Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
- https://www.synopsys.com/company/newsroom/log4j2-vulnerability.html
- https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228
- https://community.synopsys.com/s/article/Finding-Apache-Log4j-Impacted-Projects-in-Black-Duck
CERT Addendum
https://www.synopsys.com/company/newsroom/log4j2-vulnerability.html
https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228
https://community.synopsys.com/s/article/Finding-Apache-Log4j-Impacted-Projects-in-Black-Duck
Talend Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://jira.talendforge.org/browse/TCOMP-2054
Tencent Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://github.com/YfryTchsGD/Log4jAttackSurface/blob/master/pages/Tencent.md
Tesla Motors Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
- https://teslamotorsclub.com/tmc/threads/security-issue-log4j.249501/
- https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html
CERT Addendum
https://teslamotorsclub.com/tmc/threads/security-issue-log4j.249501/
https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html
TIBCO Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
TIBCO continues to work on investigating and identifying mitigations for the Apache Log4J vulnerability (CVE-2021-44228), referred to as the “Log4Shell” vulnerability. TIBCO is providing daily status updates on the investigation and available remediations, located here.
Twitter Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://github.com/YfryTchsGD/Log4jAttackSurface
Ubiquiti Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| A vulnerable third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. This vulnerability is fixed in UniFi Network Version 6.5.54 and later. | |
| CVE-2021-45046 | Not Affected |
Vendor Statement
A vulnerable third-party library used in UniFi Network Version 6.5.53 and earlier (Log4J CVE-2021-44228) allows a malicious actor to control the application. This vulnerability is fixed in UniFi Network Version 6.5.54 and later.
References
u-blox Affected
Statement Date: January 11, 2022
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| u-blox is not aware of using Log4j 1.x in any products, services or internal infrastructure. | |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| No u-blox products have been affected. Customer-facing services, IT systems and infrastructure have been patched. No action required by u-blox customers. | |
| CVE-2021-45046 | Affected |
| Vendor Statement: | |
| No u-blox products have been affected. Customer-facing services, IT systems and infrastructure have been patched. No action required by u-blox customers. | |
Ubuntu Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Unify Software and Solutions GmbH and Co. KG Affected
Statement Date: January 10, 2022
| CVE-2021-4104 | Unknown |
| Vendor Statement: | |
| Investigation is ongoing. A separate security advisory will be issued that covers CVE-2021-4104. | |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| We started investigation of the CVE | |
| CVE-2021-45046 | Unknown |
| Vendor Statement: | |
| Atos Unify Products are affected. Issue is tracked within the same advisory than CVE-2021-44228 | |
Vendor Statement
Log4j 2 is being used in some of our products. We have issued an advisory for CVE-2021-44228 which can be found here https://networks.unify.com/security/advisories/OBSO-2112-01.pdf.
References
UPMC Enterprises Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
The MyUPMC DevSecOps team has been closely monitoring the developing Log4j situation and have implemented all patches where appropriate.
Valve Software (Steam) Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
- https://steamcommunity.com/discussions/forum/0/3203745634149423223/?ctp=3
- https://github.com/YfryTchsGD/Log4jAttackSurface
CERT Addendum
https://steamcommunity.com/discussions/forum/0/3203745634149423223/?ctp=3
https://github.com/YfryTchsGD/Log4jAttackSurface
Veracode Affected
Statement Date: December 22, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
As of Dec 12, 2021 Veracode is not affected by the Log4j vulnerability. All instances of a vulnerable Log4j in our production and in our on-premise agents, integrations, or virtual appliances has been remediated to Log4j 2.15.0.
As of Dec 22, 2021 Veracode All instances of a vulnerable Log4j in our production and in our on-premise agents, integrations, or virtual appliances has been remediated to Log4j 2.16.0. or 2.17.0
References
Veritas Technologies Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
Some Veritas products are affected, others are not. We're currently doing additional research given that Apache has stated that some previously suggested mitigations only limit exposure and that a new log4j vulnerability was published today (Tuesday) that can result in a denial of service. We'll provide a primary URL once things have settled down. Things are still too fluid.
References
VMware Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Wallarm Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://lab.wallarm.com/cve-2021-44228-mitigation-update/
WebEx Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
Some Webex products are not vulnerable. Please check: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd#vp for information.
Wowza Media Systems Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve
WSO2 Affected
Statement Date: December 17, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| WSO2 has issued a public statement and an incident clarifications regarding CVE-2021-44228 and CVE-2021-45046 at [https://docs.wso2.com/pages/viewpage.action?pageId=180948677](https://docs.wso2.com/pages/viewpage.action?pageId=180948677). * On December 11, 2021 all customers were informed of the immediate mitigation steps to be followed (and automation scripts required in applying temporary mitigations). Mitigation steps WSO2 provided were not affected by changes made in CVE-2021-45046. * WSO2 is current rolling out permanent updates related to all affected product versions. | |
| CVE-2021-45046 | Affected |
| Vendor Statement: | |
| WSO2 has issued a public statement and an incident clarifications regarding CVE-2021-44228 and CVE-2021-45046 at [https://docs.wso2.com/pages/viewpage.action?pageId=180948677](https://docs.wso2.com/pages/viewpage.action?pageId=180948677). * On December 11, 2021 all customers were informed of the immediate mitigation steps to be followed (and automation scripts required in applying temporary mitigations). Mitigation steps WSO2 provided were not affected by changes made in CVE-2021-45046. * WSO2 is current rolling out permanent updates related to all affected product versions. | |
Xylem Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf
References
Yandex Cloud Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
CERT Addendum
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
Yellowfin BI Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| Current Yellowfin versions do not utilize log4j 1.x, and as such are not affected by this listing. NOTE: Yellowfin versions that use log4j 1.x follow: 7.x (End of Life) <= 8.0.8 <= 9.4 Guidance for users is to upgrade to Yellowfin 8.0.10.4 or 9.7.0.3 or higher. | |
| CVE-2021-44228 | Affected |
| Vendor Statement: | |
| Yellowfin versions affected by this listing include: 9 series: 9.4.0 through 9.7.0.1 8 series: 8.0.8 - 8.0.10.4 Guidance for users is to upgrade to the newest versions of Yellowfin, available in our announcement. | |
| CVE-2021-45046 | Affected |
| Vendor Statement: | |
| Yellowfin versions affected by this listing include: 9 series: 9.4.0 through 9.7.0.1 8 series: 8.0.8 - 8.0.10.4 Guidance for users is to upgrade to the newest versions of Yellowfin, available in our announcement. | |
Vendor Statement
Yellowfin has confirmed scenarios in which the software may be vulnerable to these issues.
All Yellowfin users are encouraged to update their environments to one of the following, non-vulnerable versions ASAP:
8.0.10.4
9.7.0.3
This patch upgrades log4j to 2.16, with links available on our latest builds page or via the Security Advisory on our Community page.
References
Zammad Affected
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Affected |
Vendor Statement
We have not received a statement from the vendor.
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
CERT Addendum
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
Zyxel Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Acronis Inc. Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Adaptiva Not Affected
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Advantech Czech Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Log4j is not used in products by Advantech Czech.
Afero Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
American Megatrends Incorporated (AMI) Not Affected
Statement Date: January 26, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| Vendor Statement: | |
| AMI is proud to announce that all products and customer-facing systems were not affected by CVE-2021-44228. AMI is committed to developing and maintaining industry leading SSDLC practices and processes. The result of this commitment is exemplified in AMI’s rapid response to CVE-2021-44228. | |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| AMI is proud to announce that all products and customer-facing systems were not affected by CVE-2021-45046. | |
Amplifi Not Affected
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Android Open Source Project Not Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
The vulnerable JNDI lookup functionality in Log4j depends on javax packages that are not provided by the Android Java VM
Automox Not Affected
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
AVM GmbH Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Barracuda Networks Not Affected
Statement Date: January 26, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
https://www.barracuda.com/company/legal/log4j
B. Braun Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory/b-braun-statement-on-Apache_Log4j.html
Binarly Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cerberus LLC Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Check Point Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| JMSAppender isn't enabled. | |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Not affected.
References
Chocolatey Software Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Cloudflare Not Affected
Statement Date: December 28, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| In examining our logs, we have found no evidence of exploitation of these vulnerabilities on Cloudflare's network. We have updated our software to prevent attacks, in some cases by upgrading log4j to a patched version and in other cases by removing log4j entirely. We have also implemented detection rules to prevent exploitation of these vulnerabilities against our customers. | |
| CVE-2021-44228 | Not Affected |
| Vendor Statement: | |
| In examining our logs, we have found no evidence of exploitation of these vulnerabilities on Cloudflare's network. We have updated our software to prevent attacks, in some cases by upgrading log4j to a patched version and in other cases by removing log4j entirely. We have also implemented detection rules to prevent exploitation of these vulnerabilities against our customers. | |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| In examining our logs, we have found no evidence of exploitation of these vulnerabilities on Cloudflare's network. We have updated our software to prevent attacks, in some cases by upgrading log4j to a patched version and in other cases by removing log4j entirely. We have also implemented detection rules to prevent exploitation of these vulnerabilities against our customers. | |
References
Codero Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ContentKeeper Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Cox Communications Not Affected
Statement Date: January 03, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Crestron Electronics Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
After a comprehensive review of all of Crestron's products and services, it has been determined that none are using Log4j and therefore we are unaffected.
DNSFilter Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
DNSFilter has performed a full internal audit of its technology stack and determined that it is unaffected by this vulnerability. Log4j is not used in our services.
We have issued a public statement here: https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability
References
DrayTek Corporation Not Affected
Statement Date: December 22, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
DrayTek is aware of the recently disclosed security issue (CVE-2021-4104 / CVE-2021-44228 / CVE-2021-45046 / CVE-2021-45105). After proceeding with verification, DrayTek confirms that the Vigor Routers, Access Ponts, Switches, VigorACS Central Management software, and MyVigor platform are not vulnerable to this “Log4Shell” exploit. You can feel safe using our DrayOS-based & Linux-based Vigor products, VigorACS Central Management Software, and the official website service. They are all with non-vulnerability to the "Log4Shell" exploit.
References
eCosCentric Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
no Apache sources in our RTOS
Efiia Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We do not use any of the software affected.
F5 Networks Not Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| https://support.f5.com/csp/article/K24554520 | |
| CVE-2021-44228 | Not Affected |
| Vendor Statement: | |
| https://support.f5.com/csp/article/K19026212 | |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| https://support.f5.com/csp/article/K32171392 | |
Vendor Statement
CVE-2021-4104 https://support.f5.com/csp/article/K24554520 CVE-2021-44228 https://support.f5.com/csp/article/K19026212 CVE-2021-45046 https://support.f5.com/csp/article/K32171392
References
FreeBSD Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
The FreeBSD Project does not ship Java or Apache log4j as part of the base operating system. While there are third-party packages available via the ports and pkg system that may be affected, the FreeBSD Project defers to each upstream project on their vulnerability status. Please see the referenced tracking bug that lists known affected ports and pkgs.
References
FreeRADIUS Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
FreeRADIUS is not affected by this vulnerability.
However, the RADIUS protocol allows for unknown users to attempt authentication. The user is in complete control over the RADIUS User-Name. The RADIUS server can produce logs containing the User-Name filed controlled by the attacker. Depending on the local site configuration, the logs may be consumed by something which eventually reaches a vulnerable log4j instance.
There is a good summary written by Radiator software https://blog.radiatorsoftware.com/2021/12/radius-servers-and-log4j-vulnerability.html
We agree with their analysis, and with their conclusions.
Fuji Electric Not Affected
Statement Date: January 19, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Fusion Auth Not Affected
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
gdnsd Not Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
gdnsd doesn't have any Java code and is categorically not impacted.
HardenedBSD Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
HardenedBSD does not provide the affected version of Log4j in its package repos.
HCC Embedded Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
HitmanPro Not Affected
Statement Date: December 17, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| This does not affect our products. In non of our products we use Log4j. | |
| CVE-2021-44228 | Not Affected |
| Vendor Statement: | |
| This does not affect our products. In non of our products we use Log4j. | |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| This does not affect our products. In non of our products we use Log4j. | |
Vendor Statement
This does not affect our products. In non of our products we use Log4j.
Illumos Not Affected
Statement Date: December 17, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
illumos itself has no java that uses the log4j facility. Distributions should check their additions to confirm either no use of log4j, or that appropriate patches or mitigations occur.
ImageMagick Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Insyde Software Corporation Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
JFrog Not Affected
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
Joomla Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
The Joomla CMS is not affected by the Log4J vulnerability as it's not based on Java.
Joyent Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
See https://security.joyent.com/jsa-2021-003/ for our full statement.
Keycloak Not Affected
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
LANCOM Systems GmbH Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Legion of the Bouncy Castle Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
LemonLDAP Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
lighttpd Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
lighttpd does not use Java and is not vulnerable to log4j-related attacks.
If the lighttpd web server is in front of potentially vulnerable services, then lighttpd may be used to apply mitigations to protect potentially vulnerable services. A sample lua script for use with lighttpd mod_magnet is provided at https://wiki.lighttpd.net/AbsoLUAtion#security-responses
lwIP Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Macrium Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Unknown |
| Vendor Statement: | |
| We have have neither log4j, nor any other Apache java component in our software stack. Therefore we can assert that we are not vulnerable to this class of attack. | |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
| Vendor Statement: | |
| We have have neither log4j, nor any other Apache java component in our software stack. Therefore we can assert that we are not vulnerable to this class of attack. | |
Vendor Statement
Neither Log4j, nor any Apache Java components form part of our software stack therefore Log4Shell isn't a concern.
Mbed TLS Not Affected
Statement Date: December 23, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Medicomp Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Micrium Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
MikroTik Not Affected
Statement Date: January 24, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
MikroTik is not affected by Log4 in any software or services.
Miredo Not Affected
Statement Date: December 18, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Mobatek Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| MobaXterm software is fully developed in Delphi and C. It does not use any Java code, so it does not use Log4J or Log4shell | |
| CVE-2021-44228 | Not Affected |
| Vendor Statement: | |
| MobaXterm software is fully developed in Delphi and C. It does not use any Java code, so it does not use Log4J or Log4shell | |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| MobaXterm software is fully developed in Delphi and C. It does not use any Java code, so it does not use Log4J or Log4shell | |
Vendor Statement
MobaXterm software is fully developed in Delphi and C. It does not use any Java code, so it does not use Log4J or Log4shell
Momentum Not Affected
Statement Date: December 17, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Muonics Inc. Not Affected
Statement Date: December 23, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Apache Log4j is not used by any Muonics, Inc. products.
netsnmp Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
NGINX Not Affected
Statement Date: December 22, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
NTPsec Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
OnApp Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OneScreen Not Affected
Statement Date: December 22, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Ontario Systems Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
Customers can retrieve information on any affected products by visiting the respective product site.
References
OpenSSL Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OpenWRT Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Opera Software Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
OrbiTeam Software GmbH Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| BSCW is programmed in Python, so it is not vulnerable. | |
| CVE-2021-44228 | Not Affected |
| Vendor Statement: | |
| BSCW is programmed in Python, so it is not vulnerable. | |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| BSCW is programmed in Python, so it is not vulnerable. | |
OTRS Not Affected
Statement Date: December 17, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
OTRS is not written in JAVA therefore not affected. 3rd Party components in local installations e.g. Elasticsearch may be affected. Elasticsearch in our SaaS platform was preventative mitigated according to the recommendation of Elasticsearch
pfSense Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| Neither pfSense Plus nor CE software use Java. Neither Java nor log4j are available to install manually on pfSense software from Netgate package servers. | |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| Neither pfSense Plus nor CE software use Java. Neither Java nor log4j are available to install manually on pfSense software from Netgate package servers. | |
Vendor Statement
Neither pfSense Plus nor CE software use Java. Neither Java nor log4j are available to install manually on pfSense software from Netgate package servers.
Pi-Hole Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Pragma Systems Not Affected
Statement Date: January 04, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Pragma Systems products are not impacted by the critical Apache Log4j vulnerability known as CVE-2021-44228. Pragma Telemote, Pragma Telemote Viewer, Pragma Fortress SSH Server, Pragma Fortress SSH Client and Pragma TelnetServer do not use any java libraries in the products.
Please see our formal statement at https://www.pragmasys.com/news/press-release-apach-log4j-vulnerabillity.
pUPNP Not Affected
Statement Date: December 17, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Qmail-TLS Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Rocket.Chat Not Affected
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://github.com/RocketChat/Rocket.Chat/issues/23927
Rust Security Response WG Not Affected
Statement Date: December 16, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
log4j is not distributed as part of the Rust toolchain, and the library is not present in the Rust project infrastructure either
Securepoint GmbH Not Affected
Statement Date: January 12, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Sendmail Consortium Not Affected
Statement Date: December 20, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Open source sendmail is not affected.
Synology Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
References
The LLVM Security Group Not Affected
Statement Date: January 21, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We are not aware the java programming language nor log4j is used in the llvm project.
Treck Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Trend Micro Not Affected
Statement Date: December 17, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
https://success.trendmicro.com/solution/000289940
References
TwinOaks Computing Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
CoreDX DDS does not use or include log4j, and is therefore not impacted by CVE-2021-44228.
VanDyke Software Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
VanDyke Software products do not use Java and do not use the Apache Log4j library. The Log4j vulnerability is not applicable to VanDyke Software products.
Wind River Not Affected
Statement Date: December 27, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Wireshark Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
Neither Wireshark nor its web sites are affected.
References
XigmaNAS Not Affected
Statement Date: December 21, 2021
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
X.org Foundation Not Affected
Statement Date: January 07, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
The X.Org Foundation does not publish or maintain any software written in Java or that otherwise includes or depends on Apache Log4j.
xpdf Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
YARDRADIUS Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Zephyr Project Not Affected
Statement Date: December 15, 2021
| CVE-2021-4104 | Not Affected |
| Vendor Statement: | |
| The Zephyr project does not make use of Java in our codebase. | |
| CVE-2021-44228 | Not Affected |
| Vendor Statement: | |
| The Zephyr project does not make use of Java in our codebase. | |
| CVE-2021-45046 | Not Affected |
| Vendor Statement: | |
| The Zephyr project does not make use of Java in our codebase. | |
Vendor Statement
The Zephyr project is a small, embedded, microcontroller RTOS. As such, it does not make use of Java, or any packages written in Java, and is unaffected by these vulnerabilities.
Zoho Not Affected
Statement Date: January 07, 2022
| CVE-2021-4104 | Not Affected |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Not Affected |
Vendor Statement
We have not received a statement from the vendor.
Zscaler Not Affected
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Not Affected |
| CVE-2021-45046 | Unknown |
Vendor Statement
Zscaler security team has analyzed the use of log4j in all its products. All use of vulnerable libraries have been remediated and the systems analyzed for compromise. There was no impact identified because of this vulnerability and Zscaler is no longer affected.
References
Honeywell Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Pulse Secure Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
Puppet Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/
PURESTORAGE Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
- https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)
- https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
CERT Addendum
https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)
https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
Rubrik Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
- https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK
- https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
CERT Addendum
https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK
https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592
SanDisk Corporation Unknown
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
This is the only statement we are prepared to make at this time
https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis
References
Saviynt Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
https://saviynt.freshdesk.com/en/support/solutions/articles/43000651898-cve-2021-44228
Scytl Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://twitter.com/Shadow0pz/status/1469329119439687682
SmileCDR Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228
Vespa - AI, Engine Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
References
CERT Addendum
https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md
Western Digital Unknown
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
This is the only statement we are prepared to make at this time.
https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis
References
2Wire Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
3proxy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
7-Zip.org Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
8e6 Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
A10 Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
A51 DOO Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AbanteCart Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Abbott Labs Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Accela Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Accellion Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ACCESS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Acclaim Games Incorporated Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Accuphase Laboratory, Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Acer Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ACME Packet Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AcoInfo SylixOS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Acresso Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ACROS Security Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Actelis Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ACTi Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Actiontec Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Adaptec Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ADATA Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AddOn Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AdTrustMedia Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Advance Pro Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Advantech Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Advantech B-B Technology Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AdventNet Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AERAsec Network Services and Security GMbH Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aerohive Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Agile FleetCommander Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AhnLab Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Airbus Group Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AirDroid Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Airspan Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AirWatch Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AjaXplorer Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Akamai Technologies Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aker Security Solutions Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aladdin Systems Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alcatel-Lucent Enterprise Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alertus Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
algosec Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alibaba AliOS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Allegro Software Development Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Allied Telesis Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ALLNET GmbH Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Allround Automations Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alpine Linux Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alpwise Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alstom Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alstrasoft Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AltiGen Communications Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Alt-n Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Altran Intelligent Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ambir Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AMD Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
American Power Conversion Corp. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AMTELCO Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
am-utils Developer Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
amx Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Analog Devices Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Analogic Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Anova Culinary, Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ANTlabs Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Apache Dubbo Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Apache HTTP Server Project Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Apache Traffic Server Project Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Apache XML Security Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aperto Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Appeal Virtual Machines Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Apple Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Application Security Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Applied Informatics GmbH Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Apply Yourself Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AppsGeyser Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Appthority Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aptexx Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Arcadyan Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Arch Linux Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ardent Software Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AREVA T&D Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Armis Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ARM Limited Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ARRIS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Artifex Software Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Asante Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Asavie Technologies Ltd Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aspen Tech Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AssureBridge Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Astaro Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ASUSTeK Computer Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ASUSTOR Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aternity Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Atheros Communications Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AtMail Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Atmo O Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Atom Security, Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Atredis Partners Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AT&T Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Attachmate Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
At Telekon Austria AG Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Audio-Technica Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aurigma Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Authentium Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AuthLite Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Authy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Autodemo Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Autodesk Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Auto-Maskin AS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Automated Solutions Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Automatic Data Processing Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AutoMobility Distribution Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Autonomy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avahi mDNS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avast Antivirus Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avaya Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AVer Information Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AvertLabs Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avet Information and Network Security Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Aveva Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
AVG Anti-virus Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avigilon Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avionica Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Avira Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Axigen Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Axis Communications Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
axTLS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BackupPC Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BackWeb Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BAE Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bahamut Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Baltimore Technologies Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bank of America Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
baramundi software AG Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Baxter US Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BB&T Bank Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BDT Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Beeline Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Belden Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Belkin Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bell Aliant Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bell Canada Enterprises Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BellSouth Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bert Hubert Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Best Buy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BiBa SOFTWARE Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BigAntSoft Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Billion Electric Co Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bit9 Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bitdefender Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bitium Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BitRouter Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bitvise Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BitZipper Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bizagi Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bizanga Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BlackBerry Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blackberry QNX Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blackboard Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Black Box Network Services UK Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blankom Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BlazeVideo Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
blojsom Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bloxx Ltd Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BlueCat Networks Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blue Coat Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bluehost Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bluetooth SIG Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Blunk Microsystems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BLU Products Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Boeing Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bomgar Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BoonEx Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Booz Allen Hamilton Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Borderware Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BoringSSL Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Botan Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bounce Test Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Box Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BPC Banking Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bradford Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Brave Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BreakingPoint Systems Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
British Sky Broadcasting Ltd Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Broderbund at Riverdeep Interactive Larning Limited Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Bromium Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Brother USA Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Buffalo Technology Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
BullGuard Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Business Objects Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cable & Wireless Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CacheGuard Technologies Ltd Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cactusoft Ltd Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cadence Design Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cafelog Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CalAmp Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cambium Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Canoga Perkins Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Canon Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Carel Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CareStream Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Casaba Security Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CaseWorthy Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CatBird Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CA Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Caterpillar Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Caucho Technology Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cavium Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CCww Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CDNsun Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CentOS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Centreon Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Centrify Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cenzic Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ceragon Networks Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CERT/CC Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Certicom Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CERT Orange Cyberdefense Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cerulean Studios Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cesanta Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Chandler Carruth Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Charles Schwab Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Chatterbox Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Checkbox Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Chiyu Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cincom Systems Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cirpack Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CISA Industrial Control Systems Vulnerability Management and Coordination Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CISA Integrated Operations Coordination Center (CIOCC) Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CISA Service Desk Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CISA Vulnerability Management and Disclosures Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cistron Radius Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Citect Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CKAN Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Clam AntiVirus Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cleo Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CleverFiles Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Clever, Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CloudAtCost Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cloudmark Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cluster Resources Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CMS Made Simple Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CMX Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CNT Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cobham plc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CodeLathe Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cog Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cogix Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Coherent Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CollabNet Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Columbia SIP User Agent (SIPC) Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Comcast Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Commscope Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
COMODO Security Solutions, Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ComponentSpace Pty Ltd Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CompuServe Incorporated Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Comsys Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Conectiva Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Conference and Publication Services LLC Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Connect2id Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Connectwise Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Consona Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Content Watch Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Contiki OS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Convedia Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
COP USA Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Copy9 Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
core_blanco_eissler Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Corel Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CoSoSys Endpoint Security Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CouchBase Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Courier-mta Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Coyote Point Systems Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cray Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Creative Labs Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CREDANT Technologies Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Creek Audio Ltd Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cricket Wireless Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Critical Path Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Crossbeam Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Crucial Technology Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cryoserver Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CrypKey Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cryptlib Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Crypto++ Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CSCare Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CS-Cart Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CSL DualCom Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cummings Engineering Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CuteSoft Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CUworld Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CVS Home Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CVSTrac Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CWD Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cyanconnode AB Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CyberLink Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cyberoam Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CyberSafe Limited Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CyberSoft Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cyclades Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cylance Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cypherbridge Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cypress Semiconductor Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cyrus-IMAP Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Cytiva Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
CZ.NIC Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dahua Security Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Daihen Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Daktronics Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DameWare Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dan Bernstein Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Danish e-Infrastructure Cooperation (WAYF) Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DansGuardian Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dassault Systemes Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DATAC Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Data Connection Ltd. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Datalex Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Datameer Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dataprobe, Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Datto Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Datum Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DBPOWER Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
dBpoweramp Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
dd-wrt Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dedicated Micros Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dentrix Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dentsply Sirona Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DENX Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DesignCrowd Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DesktopBSD Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Desoutter Industrial Tools Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Deterministic Networks Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Deuterium Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Deutsche Telekom Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Devicescape Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Devon IT Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dexis Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DFLabs Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DIDI Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Diebold Election Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Diebold Nixdorf Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Digicast Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DigiCert Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Digicom Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Digi International Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Digital Alert Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Digital River Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Digitus Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DirecTV Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Discord Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Discretix Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Distinct Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DivX Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
D-Link Systems Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
dnsmasq Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dobysoft Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Docker Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DocuSign Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Doogee Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
dotCMS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DotNetNuke Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dovestones Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DragonFly BSD Project Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DropWizard Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DTE Energy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Duo Security Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
DyKnow Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dynabook Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Dynatrace Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
EasyVista Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Eaton Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
eBay Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
E-Book Systems Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ecava Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Eclipse Foundation Inc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ECSystems.nl Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Edgewall Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Edimax Computer Company Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
eero Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
EfficientIP Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
EFI Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
EFS Technology Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Egnite Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
eIQnetworks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ektron Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Eland Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ElcomSoft Co. Ltd. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Electronic Arts Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Electronic Frontier Foundation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Elisa Costante Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Elspec Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Embarcadero Technologies Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Embed This Go Ahead Web Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Emerson Network Power Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Enablence Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Encore Electronics Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ENEA Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Engarde Secure Linux Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Entegrity Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Enterasys Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Entercept Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Entr'ouvert Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Entrust Datacard Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Envoy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Epic Systems Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Epiphany Healthcare Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Epsilon Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ERDAS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ericsson Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ER Mapper Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ESET LLC. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
eSignal Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Espressif Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ethernut Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Exadel Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Experian Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Express Logic Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Extreme Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Facebook Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fail2ban Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FairCom Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fanuc America Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fastly Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fedora Project Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ffmpeg Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fiat Chrysler Automobiles Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fidelity FMR Corp. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FiiO Electronics Technology Co., Ltd. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FireFTP Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fitbit Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fives Landis Group Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FLAC Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FlashRouters Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Flash Seats Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Flexera Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FlexVision Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Florian Weimer Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fluke Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FMA Risk Management Solutions Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FNet Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fonality Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fone Tracker Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Force10 Networks Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Ford Motor Company Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
ForgeRock Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Foxit Software Company Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
F-PROT AVS by Frisk Software International Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Fraunhofer Institut Integrierte Schaltungen IIS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FreePBX Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FTP Software Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FtpUse Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
FujiFilm Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
fuse-nfs Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GamaSEC Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GameTap-Turner Broadcasting subsidiary Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gamma Tech Computer Corp. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Garmin International, Inc. Unknown
Statement Date: December 14, 2021
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GateHouse Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
G DATA Software AG Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GEAR Software Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gemalto AV Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
General Dynamics Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
General Electric Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
General Motors Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gentoo Linux Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GETAC Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Getjar Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GFI Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GIGABYTE Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gigasys Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gilat Network Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Github Security lab Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GitLab Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Global Eagle Entertainment Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Global IP Solutions Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GlobalSign Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Global Technology Associates Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gnash Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNOME Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU adns Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU Compiler Collection Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU glibc Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU Grub Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GnuPG Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU Sharutils Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GnuTLS Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GNU wget Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GoAnywhere Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Good Technology Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Go Programming Language Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GPS Insight Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gracenote Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Grandstream Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Granite Data Services Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GraphicsMagick Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Grass Valley Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Green Hills Software Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Green Packet Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
gRPC Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Grumman System Support Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
GSMA Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Guangzhou Gaoke Communications Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Guest Spy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Guidance Software Inc. Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gurock Software GmbH Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Gynoii Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Halaxy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Haliplex Communication Systems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Hanvon Technology Co Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Hanwha Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
HAProxy Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Harman Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Harris Corporation Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
HelpSystems Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.
Hewlett Packard Enterprise Unknown
| CVE-2021-4104 | Unknown |
| CVE-2021-44228 | Unknown |
| CVE-2021-45046 | Unknown |
Vendor Statement
We have not received a statement from the vendor.