var-202112-0566
Vulnerability from variot
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. Apache Log4j allows insecure JNDI lookups that could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the vulnerable Java application using Log4j.CVE-2021-4104 Affected CVE-2021-44228 Affected CVE-2021-45046 AffectedCVE-2021-4104 Affected CVE-2021-44228 Affected CVE-2021-45046 Affected. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Critical: Red Hat Data Grid 8.2.2 security update Advisory ID: RHSA-2021:5132-01 Product: Red Hat JBoss Data Grid Advisory URL: https://access.redhat.com/errata/RHSA-2021:5132 Issue date: 2021-12-14 CVE Names: CVE-2021-44228 =====================================================================
- Summary:
An update for Red Hat Data Grid is now available.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.2.2 replaces Data Grid 8.2.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.2.2 in the Release Notes [3].
Security Fix(es):
- log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
To install this update, do the following:
- Download the Data Grid 8.2.2 server patch from the customer portal[²].
- Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.
- Install the Data Grid 8.2.2 server patch. Refer to the 8.2.2 Release Notes[³] for patching instructions.
-
Restart Data Grid to ensure the changes take effect.
-
Bugs fixed (https://bugzilla.redhat.com/):
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
- References:
https://access.redhat.com/security/cve/CVE-2021-44228 https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381&product=data.grid&version=8.2&downloadType=patches https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index https://access.redhat.com/security/vulnerabilities/RHSB-2021-009
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYblI0NzjgjWX9erEAQj7mw//TtZnFmrLI6Ts7uC19MnLA/vVPXT1i2Qz R1CZ4T7QCZkiJCNXvwYHj7iQgOm5o/seXRE38qGtJWqiyrZMGHVQnDl1Vuhm31jg 6lxhpjn0kKKZanznosCxF3U2ovLhrEx+5in4piNiyV6CKkkgBV7UvESGWlIKiumq 1r79DAQ7WdYPoOk+m+b5p/okFJXyD0FcEbrqZcgJQCmR9zyJ6DGAy4N9+cgEgGaC QoVZaXa+pUEVjiAOAg0XNcb+GyYSMFwkPUR14NI0V2OHIo97aBg9AG1HrOj3QmSG 5LR/8zWQbfSbtTIzR67gBGF8F8nvnEeBARYje97Cx2FcHGDFisLHM8OGqFNjU5+I HepIdPjwcoy3kPDSfQ9WXx7Iz03tMCbhMWUhH9MRYuUAzCHgsAryZ4AnTBa+Hn7B 7WHuVf24eFcoJysoWGsbQZDzN5oxqIRXP2mA5k7MVemHV5L+7KV15KyJWaDqTdI+ DTpw8kP/WboloegmZmaqbPLlfvl91G8LjU5yfLaa+rNHkbyT4G1c3iQm5yLWlsYW yfGf+XiZPoF5S6862qdx7YPZG0yTkaUYU0Spnr8eV9wt9uUIp57jczrBzgBKYlN0 BdNv9DgqbGvhmdz/k95gRZUpdYAvF6J4+Y4h9uXgxqfdGZjFCSlegOG8gleCnvEw dfFqyyf+3ZQ= =be8O -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Solution:
For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html
For Red Hat OpenShift Logging 5.1, see the following instructions to apply this update:
https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html
- JIRA issues fixed (https://issues.jboss.org/):
LOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable
The References section of this erratum contains a download link for the update. You must be logged in to download the update. ========================================================================= Ubuntu Security Notice USN-5192-2 December 17, 2021
apache-log4j2 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
Apache Log4j 2 could be made to crash or run programs as an administrator if it received a specially crafted input. This update provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via a special crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: liblog4j2-java 2.4-2ubuntu0.1~esm1
In general, a standard system update will make all the necessary changes.
2021-12-11: VMSA-2021-0028.1 Updated advisory with workaround information for multiple products including vCenter Server Appliance, vRealize Operations, Horizon, vRealize Log Insight, Unified Access Gateway.
2021-12-13: VMSA-2021-0028.2 Revised advisory with updates to multiple products. \x95 VMware HCX \x95 VMware NSX-T Data Center \x95 VMware WorkspaceOne Access \x95 VMware Identity Manager \x95 VMware vRealize Operations Cloud Proxy \x95 VMware vRealize Lifecycle Manager \x95 VMware Site Recovery Manager, vSphere Replication \x95 VMware Carbon Black Cloud Workload Appliance \x95 VMware Carbon Black EDR Server \x95 VMware Tanzu GemFire \x95 VMware Tanzu Greenplum \x95 VMware Tanzu Operations Manager \x95 VMware Tanzu Application Service for VMs \x95 VMware Tanzu Kubernetes Grid Integrated Edition \x95 VMware Tanzu Observability by Wavefront Nozzle \x95 Healthwatch for Tanzu Application Service \x95 Spring Cloud Services for VMware Tanzu \x95 API Portal for VMware Tanzu \x95 Single Sign-On for VMware Tanzu Application Service \x95 App Metrics \x95 VMware vCenter Cloud Gateway \x95 VMware Cloud Foundation \x95 VMware Workspace ONE Access Connector \x95 VMware Horizon DaaS \x95 VMware Horizon Cloud Connector \x95 VMware NSX Data Center for vSphere \x95 VMware AppDefense Appliance \x95 VMware Cloud Director Object Storage Extension
You are receiving this alert because you are subscribed to the VMware Security Announcements mailing list. To modify your subscription or unsubscribe please visit https://lists.vmware.com/mailman/listinfo/security-announce. Description:
Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
Security Fix(es):
-
log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)
-
jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception (CVE-2020-28491)
-
kubernetes-client: fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise (CVE-2021-20218)
-
xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.* (CVE-2021-39149)
-
xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration (CVE-2021-39145)
-
xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration (CVE-2021-39151)
-
xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration (CVE-2021-39147)
-
xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator (CVE-2021-39148)
-
xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.* (CVE-2021-39141)
-
xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue (CVE-2021-39146)
-
xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue (CVE-2021-39154)
-
xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.* (CVE-2021-39144)
-
xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl (CVE-2021-39139)
-
xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl (CVE-2021-39153)
-
xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler (CVE-2021-39140)
-
xstream: remote command execution attack by manipulating the processed input stream (CVE-2021-29505)
-
xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.* (CVE-2021-39150)
-
xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData (CVE-2021-39152)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
It is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process. Bugs fixed (https://bugzilla.redhat.com/):
1923405 - CVE-2021-20218 fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise 1930423 - CVE-2020-28491 jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception 1966735 - CVE-2021-29505 XStream: remote command execution attack by manipulating the processed input stream 1997763 - CVE-2021-39139 xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl 1997765 - CVE-2021-39140 xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler 1997769 - CVE-2021-39141 xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei. 1997772 - CVE-2021-39144 xstream: Arbitrary code execution via unsafe deserialization of sun.tracing. 1997775 - CVE-2021-39145 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration 1997777 - CVE-2021-39146 xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue 1997779 - CVE-2021-39147 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration 1997781 - CVE-2021-39148 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator 1997784 - CVE-2021-39149 xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba. 1997786 - CVE-2021-39150 xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei. 1997791 - CVE-2021-39151 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration 1997793 - CVE-2021-39152 xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData 1997795 - CVE-2021-39153 xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl 1997801 - CVE-2021-39154 xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue 2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
This update also fixes CVE-2020-9488 in the oldstable distribution (buster). Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender.
For the oldstable distribution (buster), this problem has been fixed in version 2.15.0-1~deb10u1.
For the stable distribution (bullseye), this problem has been fixed in version 2.15.0-1~deb11u1.
We recommend that you upgrade your apache-log4j2 packages.
For the detailed security status of apache-log4j2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache-log4j2
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmG0+YVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQvXA/+LIMVC0X80Qc6No564VodtTN3Ci0NyaUcQyZG8Gyo2tPuwKEpOUpmom7f wcZvQgKvwxs3Ad1M5Zt/6Ql3v0KbwzBah0v8KUV86B6g4yb+Wno7iKQR1mN47bpz 2SJPzf6IECwtmz3zYI3fLuJJ/dvAMRlQ+nhPsC8/zJGJgfFHFmDyfG8TtlrYLUHS Pjpov4C/VllQGJ5MjyVF93OqTCy4V7WxH/RgT1YBOs71KNCq5yPoch35geytSQoM Kk59qFLQgST2kYhLVxRRbdQAAhbA7W5XythKqphon6nRmlJPHSGkXMf9s0N3cm6K Zkmvo2/A29FiceZj/bSM4/qw7gqbsJfpSMcTKmxhReolsXAJVj4mGu9cZZTAP7Tb g8fl8kGljFd01ka0208eFyILHCR2bAF2xgS1nG6TCc170azDkvW38fZHHkLQIPbF TOwxoNv8dHgyT6pfI+BDYKy9pNvrLk/jqXkOpry6nY+Ji/RcjGBDIR3VP25VsMk8 6zwERE1LX0IvwiaSFBg6oyWW4siINZzFyVXryLvRr/YBIAYKGv+Y1Wn8ageACItW 2SZjLbK4uBTOHyvPITBgOZSYD7kYcTPxdbb8ntw7Uo489hYXzjYlloTBoUPg1G3o gyZnRfW0yYf2bA63I7vVBDTITt8K4H1UkUDEOIUjXGekFLqDnGw= =BY2+ -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-0566", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "cloudcenter cost optimizer", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.5.2" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(001.002\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.0\\(1\\)" }, { "model": "energyip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.6" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.2.3" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "8.4\\(1\\)" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.0" }, { "model": "automated subsea tuning", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "02.01.00" }, { "model": "log4j", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.1" }, { "model": "log4j", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.15.0" }, { "model": "enterprise chat and email", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "captial", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2019.1" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.5.0" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1c\\)" }, { "model": "sd-wan vmanage", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.4" }, { "model": "integrated management controller supervisor", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.3.2.1" }, { "model": "broadworks", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.4\\(1\\)" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.6" }, { "model": "dna center", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.2.3.4" }, { "model": "contact center management portal", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.2.3" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.22900.28\\)" }, { "model": "energyip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.5" }, { "model": "unity connection", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.7" }, { "model": "vm access proxy", "scope": "lt", "trust": 1.0, "vendor": "snowsoftware", "version": "3.6" }, { "model": "mendix", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "006.005.000.000" }, { "model": "unified computing system", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "006.008\\(001.000\\)" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.0" }, { "model": "dna center", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.1.2.8" }, { "model": "emergency responder", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(4.65000.14\\)" }, { "model": "operation scheduler", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "1.1.3" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1b\\)" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.1.0" }, { "model": "siveillance identity", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.5" }, { "model": "virtual topology system", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6.6" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(001.001\\)" }, { "model": "captial", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2019.1" }, { "model": "unity connection", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.10000.6\\)" }, { "model": "e-car operation center", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2021-12-13" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0.0" }, { "model": "intersight virtual appliance", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "1.0.9-343" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1k\\)" }, { "model": "oneapi sample browser", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.5" }, { "model": "emergency responder", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.010\\(000.000\\)" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "003.001\\(000.518\\)" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0" }, { "model": "sppa-t3000 ses3000", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "intersight virtual appliance", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.0.9-361" }, { "model": "business process automation", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.0.000.115" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "008.000.000.000.004" }, { "model": "crosswork zero touch provisioning", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.1" }, { "model": "nx", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "dna spaces\\: connector", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.5" }, { "model": "unified contact center express", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "mobility services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "integrated management controller supervisor", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.3.2.0" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.3.0" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(1\\)" }, { "model": "unified intelligence center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.4\\(1\\)" }, { "model": "unified workforce optimization", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "8.3\\(1\\)" }, { "model": "xpedition package integrator", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "log4j", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.3.1" }, { "model": "xpedition enterprise", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": null }, { "model": "dna center", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "2.2.3.0" }, { "model": "dna center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.2.2.8" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(000.001\\)" }, { "model": "business process automation", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2.000.009" }, { "model": "gma-manager", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "8.6.2j-398" }, { "model": "siguard dsa", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.4" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.0\\(1\\)" }, { "model": "common services platform collector", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.10.0.1" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "video surveillance manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.14\\(2.26\\)" }, { "model": "finesse", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "optical network controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "1.1" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.8" }, { "model": "unified contact center express", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "unified intelligence center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(2\\)" }, { "model": "industrial edge management", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "cloud secure agent", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "network services orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "5.4" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.7.0" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1a\\)" }, { "model": "log4j", "scope": "eq", "trust": 1.0, "vendor": "apache", "version": "2.0" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.004\\(000.914\\)" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.3" }, { "model": "synchro 4d", "scope": "lt", "trust": 1.0, "vendor": "bentley", "version": "6.2.4.2" }, { "model": "sentron powermanager", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "fog director", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "video surveillance manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.14\\(1.26\\)" }, { "model": "comos", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.1.0" }, { "model": "network services orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.5.4.1" }, { "model": "navigator", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2021-12-13" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "data center manager", "scope": "lt", "trust": 1.0, "vendor": "intel", "version": "5.1" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.6\\(1\\)" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.4" }, { "model": "optical network controller", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.1.0" }, { "model": "crosswork zero touch provisioning", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0.1" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.4" }, { "model": "automated subsea tuning", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.1.0" }, { "model": "cloud manager", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "35" }, { "model": "broadworks", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2021.11_1.162" }, { "model": "identity services engine", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.4.0" }, { "model": "energyip prepay", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.8" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.0.0" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(001.000\\)" }, { "model": "cloud connect", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "006.004.000.003" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "contact center domain manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.10\\(0.15\\)" }, { "model": "energyip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "8.7" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.3\\(0\\)" }, { "model": "workload optimization manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2.1" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "8.5\\(1\\)" }, { "model": "nexus insights", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.0.2" }, { "model": "sentron powermanager", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.1" }, { "model": "siguard dsa", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.3" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.17900.52\\)" }, { "model": "unity connection", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "network insights for data center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.0\\(2.1914\\)" }, { "model": "emergency responder", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(4\\)" }, { "model": "system debugger", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "10.0" }, { "model": "enterprise chat and email", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "mindsphere", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2021-12-11" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.0\\(2\\)" }, { "model": "ontap tools", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "log4j", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.13.0" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "unified communications manager im \\\u0026 presence service", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.22900.6\\)" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "unified communications manager im \\\u0026 presence service", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.6.1" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1d\\)" }, { "model": "unified communications manager im and presence service", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(3\\)" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(000.002\\)" }, { "model": "unified sip proxy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "010.002\\(001\\)" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.4.0" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "003.002\\(000.116\\)" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.3" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.003.001.001" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.3.4.1" }, { "model": "synchro", "scope": "gte", "trust": 1.0, "vendor": "bentley", "version": "6.1" }, { "model": "packaged contact center enterprise", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.6" }, { "model": "network services orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "5.6" }, { "model": "unified communications manager im and presence service", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "log4j", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.12.2" }, { "model": "cloudcenter suite admin", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.3.1" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.6\\(2\\)" }, { "model": "finesse", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "business process automation", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "3.1.000.000" }, { "model": "unified contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(2\\)" }, { "model": "teamcenter", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "customer experience cloud agent", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.12.1" }, { "model": "crosswork network controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "active iq unified manager", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "dna center", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "2.2.2.0" }, { "model": "network services orchestrator", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "crosswork platform infrastructure", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "4.0.1" }, { "model": "crosswork data gateway", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0.2" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.5\\(1\\)" }, { "model": "snow commander", "scope": "lt", "trust": 1.0, "vendor": "snowsoftware", "version": "8.10.0" }, { "model": "solid edge harness design", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2020" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.4.2.1" }, { "model": "siveillance identity", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "1.6" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.002.000" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "11.0" }, { "model": "cloudcenter suite", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.5\\(0\\)" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1l\\)" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.6.0" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.2.1" }, { "model": "email security", "scope": "lt", "trust": 1.0, "vendor": "sonicwall", "version": "10.0.12" }, { "model": "crosswork optimization engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1.2" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1.4" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "solid edge cam pro", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "unified contact center express", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.7.0" }, { "model": "prime service catalog", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.1" }, { "model": "snapcenter", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "spectrum power 4", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "4.70" }, { "model": "cyber vision", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0.2" }, { "model": "unified sip proxy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "010.002\\(000\\)" }, { "model": "common services platform collector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.009\\(000.000\\)" }, { "model": "cyber vision sensor management extension", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0.2" }, { "model": "data center network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3\\(1\\)" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.003.003" }, { "model": "unified contact center express", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(2\\)" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.6.2.1" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.1" }, { "model": "finesse", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "common services platform collector", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "2.10.0" }, { "model": "cyber vision sensor management extension", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "4.0.3" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1h\\)" }, { "model": "opcenter intelligence", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "3.2" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0" }, { "model": "cx cloud agent", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "001.012" }, { "model": "sipass integrated", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.80" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.000.001" }, { "model": "genomics kernel library", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(2\\)" }, { "model": "video surveillance manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.14\\(3.025\\)" }, { "model": "energy engage", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.1" }, { "model": "siveillance command", "scope": "lte", "trust": 1.0, "vendor": "siemens", "version": "4.16.2.1" }, { "model": "siveillance viewpoint", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "vesys", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2019.1" }, { "model": "desigo cc info center", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "14.0\\(1\\)" }, { "model": "crosswork data gateway", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "secure device onboard", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "006.005.000." }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.0.0" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.3" }, { "model": "smart phy", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2.1" }, { "model": "data center network manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.3\\(1\\)" }, { "model": "dna center", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.2.2.8" }, { "model": "unified sip proxy", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "10.2.1v2" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5" }, { "model": "siguard dsa", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.2" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.4.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "9.0" }, { "model": "nexus dashboard", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.1.2" }, { "model": "energyip", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "9.0" }, { "model": "desigo cc info center", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "crosswork network controller", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0.1" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.4.0" }, { "model": "rhythmyx", "scope": "lte", "trust": 1.0, "vendor": "percussion", "version": "7.3.2" }, { "model": "cloudcenter workload manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.5.2" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1g\\)" }, { "model": "virtualized infrastructure manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.2.0" }, { "model": "unified sip proxy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "010.000\\(001\\)" }, { "model": "vesys", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2019.1" }, { "model": "iot operations dashboard", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.2.3" }, { "model": "spectrum power 7", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2.30" }, { "model": "sd-wan vmanage", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.5.0" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.2.1" }, { "model": "unified sip proxy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "010.000\\(000\\)" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "virtual topology system", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.6.7" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.2\\(1\\)" }, { "model": "enterprise chat and email", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(1\\)" }, { "model": "spectrum power 7", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.30" }, { "model": "unified customer voice portal", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.6" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.003.000" }, { "model": "industrial edge management hub", "scope": "lt", "trust": 1.0, "vendor": "siemens", "version": "2021-12-13" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.1" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "007.001.000" }, { "model": "solid edge harness design", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2020" }, { "model": "computer vision annotation tool", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "cloudcenter", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "4.10.0.16" }, { "model": "ucs central", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1p\\)" }, { "model": "integrated management controller supervisor", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.003\\(002.000\\)" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.6" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1.3" }, { "model": "network assurance engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.0\\(2.1912\\)" }, { "model": "firepower threat defense", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.6.0" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "dna spaces", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.1.3" }, { "model": "unified intelligence center", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "003.000\\(000.458\\)" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.1.0" }, { "model": "wan automation engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.2.2" }, { "model": "webex meetings server", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "network assurance engine", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.0.2" }, { "model": "head-end system universal device integration system", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "virtualized voice browser", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "12.5\\(1\\)" }, { "model": "unified workforce optimization", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "dna spaces connector", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "unified contact center management portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.6\\(1\\)" }, { "model": "enterprise chat and email", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(1\\)" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "34" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "21.3" }, { "model": "desigo cc advanced reports", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "5.0" }, { "model": "siveillance vantage", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sd-wan vmanage", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.5" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.18900.97\\)" }, { "model": "common services platform collector", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.9.1.3" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)su3" }, { "model": "cloud insights", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1" }, { "model": "spectrum power 4", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "4.70" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.1\\(1\\)" }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1e\\)" }, { "model": "advanced malware protection virtual private cloud appliance", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.5.4" }, { "model": "video surveillance manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "7.14\\(4.018\\)" }, { "model": "sensor solution development kit", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "business process automation", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.1.000.044" }, { "model": "virtualized infrastructure manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.4.4" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.21900.40\\)" }, { "model": "crosswork optimization engine", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "2.0.1" }, { "model": "crosswork platform infrastructure", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.1.0" }, { "model": "network services orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.4.5.2" }, { "model": "network services orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.6.3.1" }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.006\\(000.156\\)" }, { "model": "logo\\! soft comfort", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "business process automation", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "3.2.000.000" }, { "model": "paging server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "9.1\\(1\\)" }, { "model": "unified contact center enterprise", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.6\\(2\\)" }, { "model": "video surveillance operations manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.14.4" }, { "model": "evolved programmable network manager", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "4.1.1" }, { "model": "unified customer voice portal", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.0\\(1\\)" }, { "model": "fxos", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "6.3.0" }, { "model": "connected analytics for network deployment", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "008.000.000" }, { "model": "virtualized infrastructure manager", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "3.4.0" }, { "model": "wan automation engine", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "7.3.0.2" }, { "model": "ucs director", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.8.2.0" }, { "model": "system studio", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "ucs central software", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0\\(1f\\)" }, { "model": "unified communications manager", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.3\\(1\\)" }, { "model": "network services orchestrator", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "5.5" }, { "model": "synchro", "scope": "lt", "trust": 1.0, "vendor": "bentley", "version": "6.4.3.2" }, { "model": "prime service catalog", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "12.1" }, { "model": "smart phy", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.1.5" }, { "model": "crosswork network automation", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.0" }, { "model": "log4j", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.4.0" }, { "model": "audio development kit", "scope": "eq", "trust": 1.0, "vendor": "intel", "version": null }, { "model": "identity services engine", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "002.007\\(000.356\\)" }, { "model": "sd-wan vmanage", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "20.5.1.1" }, { "model": "sd-wan vmanage", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "20.6" }, { "model": "evolved programmable network manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "5.1" }, { "model": "connected mobile experiences", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "paging server", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "14.4.1" }, { "model": "energyip prepay", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "3.7" }, { "model": "unified communications manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(1.18119.2\\)" }, { "model": "network services orchestrator", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "5.3.5.1" }, { "model": "siveillance control pro", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "*" }, { "model": "sipass integrated", "scope": "eq", "trust": 1.0, "vendor": "siemens", "version": "2.85" }, { "model": "oncommand insight", "scope": "eq", "trust": 1.0, "vendor": "netapp", "version": null }, { "model": "emergency responder", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(4.66000.14\\)" }, { "model": "packaged contact center enterprise", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.6\\(1\\)" }, { "model": "network dashboard fabric controller", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "11.5\\(2\\)" } ], "sources": [ { "db": "NVD", "id": "CVE-2021-44228" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.15.0", "versionStartIncluding": "2.13.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.1", "versionStartIncluding": "2.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.12.2", "versionStartIncluding": "2.4.0", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.70", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip_prepay:3.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip_prepay:3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.16.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.6.2j-398", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021-12-13", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:captial:2019.1:sp1912:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021-12-13", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2019.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.30", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2020", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:captial:2019.1:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siguard_dsa:4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siguard_dsa:4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:siguard_dsa:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.1.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021-12-11", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021-12-13", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:siemens:captial:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2019.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:intel:audio_development_kit:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:system_debugger:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:oneapi_sample_browser:-:*:*:*:*:eclipse:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:sensor_solution_firmware_development_kit:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:computer_vision_annotation_tool:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:intel:data_center_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.0.12", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:vmware_vsphere:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.3\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:data_center_network_manager:11.3\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.6\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.1.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.6.3.1", "versionStartIncluding": "5.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.5.4.1", "versionStartIncluding": "5.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.3.5.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:iot_operations_dashboard:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.0.9-361", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.1.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.4.5.2", "versionStartIncluding": "5.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_spaces\\:_connector:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.0.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_platform_infrastructure:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_optimization_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.10.0.1", "versionStartIncluding": "2.10.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.9.1.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.10.0.16", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_workload_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite_admin:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.3.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_cost_optimizer:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.000.009", "versionStartIncluding": "3.2.000.000", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.1.000.044", "versionStartIncluding": "3.1.000.000", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.0.000.115", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:automated_subsea_tuning:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:nexus_insights:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.5.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:customer_experience_cloud_agent:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.12.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:workload_optimization_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.0\\(1p\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.8.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.3.4.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:optical_network_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.1.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:fog_director:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.2.3.4", "versionStartIncluding": "2.2.3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.4.2.1", "versionStartIncluding": "20.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.3.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.3.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.4.4", "versionStartIncluding": "3.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.5.1.1", "versionStartIncluding": "20.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_assurance_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.1.2.8", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "20.6.2.1", "versionStartIncluding": "20.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.6.7", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.2.2.8", "versionStartIncluding": "2.2.2.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:prime_service_catalog:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_mobile_experiences:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_operations_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.14.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:unified_workforce_optimization:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:unified_sip_proxy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.2.1v2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.6\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.6\\(2\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "14.4.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:packaged_contact_center_enterprise:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.0\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "11.5\\(4\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:contact_center_management_portal:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:contact_center_domain_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.5\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloud_connect:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "12.6\\(1\\)", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:broadworks:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2021.11_1.162", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:6.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:cisco:fxos:7.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(001\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(001\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es02:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es01:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):su1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_\\\u0026_presence_service:11.5\\(1.22900.6\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_\\\u0026_presence_service:11.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.22900.28\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.21900.40\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18900.97\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18119.2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.17900.52\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:9.1\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:9.0\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:9.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:8.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:8.4\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:8.3\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:14.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:paging_server:12.5\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.66000.14\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.65000.14\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:broadworks:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_computing_system:006.008\\(001.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1l\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1k\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1h\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1g\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1f\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1e\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1d\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1c\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1b\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1a\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\(002.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_assurance_engine:6.0\\(2.1912\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(4.018\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(3.025\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(2.26\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(1.26\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\(1\\):sr7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:unity_connection:11.5\\(1.10000.6\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite:5.3\\(0\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(0\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite:5.4\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:003.002\\(000.116\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:003.001\\(000.518\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:003.000\\(000.458\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:002.007\\(000.356\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:002.006\\(000.156\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:identity_services_engine:002.004\\(000.914\\):-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\(2.1914\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cloudcenter_suite:4.10\\(0.15\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.010\\(000.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.002\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.001\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.002\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.001\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.000\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "8.10.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*", "cpe_name": [], "versionEndExcluding": "6.2.4.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*", "cpe_name": [], "versionEndExcluding": "6.4.3.2", "versionStartIncluding": "6.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.3.2", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-44228" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Much of the content of this vulnerability note is derived from Apache Log4j Security Vulnerabilities and http://slf4j.org/log4shell.html.This document was written by Art Manion.", "sources": [ { "db": "CERT/CC", "id": "VU#930724" } ], "trust": 0.8 }, "cve": "CVE-2021-44228", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-407408", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-44228", "trust": 1.0, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-202112-799", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-407408", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-407408" }, { "db": "CNNVD", "id": "CNNVD-202112-799" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. Apache Log4j allows insecure JNDI lookups that could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the vulnerable Java application using Log4j.CVE-2021-4104 Affected\nCVE-2021-44228 Affected\nCVE-2021-45046 AffectedCVE-2021-4104 Affected\nCVE-2021-44228 Affected\nCVE-2021-45046 Affected. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: Red Hat Data Grid 8.2.2 security update\nAdvisory ID: RHSA-2021:5132-01\nProduct: Red Hat JBoss Data Grid\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:5132\nIssue date: 2021-12-14\nCVE Names: CVE-2021-44228 \n=====================================================================\n\n1. Summary:\n\nAn update for Red Hat Data Grid is now available. \n \nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nRed Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. \nIt increases application response times and allows for dramatically\nimproving performance while providing availability, reliability, and\nelastic scale. \n \nData Grid 8.2.2 replaces Data Grid 8.2.1 and includes bug fixes and\nenhancements. Find out more about Data Grid 8.2.2 in the Release Notes [3]. \n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an\nattacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n3. Solution:\n\nTo install this update, do the following:\n \n1. Download the Data Grid 8.2.2 server patch from the customer portal[\u00b2]. \n2. Back up your existing Data Grid installation. You should back up\ndatabases, configuration files, and so on. \n3. Install the Data Grid 8.2.2 server patch. Refer to the 8.2.2 Release\nNotes[\u00b3] for patching instructions. \n4. Restart Data Grid to ensure the changes take effect. \n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-44228\nhttps://access.redhat.com/security/updates/classification/#critical\nhttps://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=8.2\u0026downloadType=patches\nhttps://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-009\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYblI0NzjgjWX9erEAQj7mw//TtZnFmrLI6Ts7uC19MnLA/vVPXT1i2Qz\nR1CZ4T7QCZkiJCNXvwYHj7iQgOm5o/seXRE38qGtJWqiyrZMGHVQnDl1Vuhm31jg\n6lxhpjn0kKKZanznosCxF3U2ovLhrEx+5in4piNiyV6CKkkgBV7UvESGWlIKiumq\n1r79DAQ7WdYPoOk+m+b5p/okFJXyD0FcEbrqZcgJQCmR9zyJ6DGAy4N9+cgEgGaC\nQoVZaXa+pUEVjiAOAg0XNcb+GyYSMFwkPUR14NI0V2OHIo97aBg9AG1HrOj3QmSG\n5LR/8zWQbfSbtTIzR67gBGF8F8nvnEeBARYje97Cx2FcHGDFisLHM8OGqFNjU5+I\nHepIdPjwcoy3kPDSfQ9WXx7Iz03tMCbhMWUhH9MRYuUAzCHgsAryZ4AnTBa+Hn7B\n7WHuVf24eFcoJysoWGsbQZDzN5oxqIRXP2mA5k7MVemHV5L+7KV15KyJWaDqTdI+\nDTpw8kP/WboloegmZmaqbPLlfvl91G8LjU5yfLaa+rNHkbyT4G1c3iQm5yLWlsYW\nyfGf+XiZPoF5S6862qdx7YPZG0yTkaUYU0Spnr8eV9wt9uUIp57jczrBzgBKYlN0\nBdNv9DgqbGvhmdz/k95gRZUpdYAvF6J4+Y4h9uXgxqfdGZjFCSlegOG8gleCnvEw\ndfFqyyf+3ZQ=\n=be8O\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nFor OpenShift Container Platform 4.8 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html\n\nFor Red Hat OpenShift Logging 5.1, see the following instructions to apply\nthis update:\n\nhttps://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html\n\n4. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-1971 - Applying cluster state is causing elasticsearch to hit an issue and become unusable\n\n6. \n\nThe References section of this erratum contains a download link for the\nupdate. You must be logged in to download the update. =========================================================================\nUbuntu Security Notice USN-5192-2\nDecember 17, 2021\n\napache-log4j2 vulnerability\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n\nSummary:\n\nApache Log4j 2 could be made to crash or run programs as an administrator\nif it received a specially crafted input. This update provides\nthe corresponding update for Ubuntu 16.04 ESM. \n\nOriginal advisory details:\n\n Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run\n programs via a special crafted input. An attacker could use this vulnerability\n to cause a denial of service or possibly execute arbitrary code. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n liblog4j2-java 2.4-2ubuntu0.1~esm1\n\nIn general, a standard system update will make all the necessary changes. \n\n2021-12-11: VMSA-2021-0028.1\nUpdated advisory with workaround information for multiple products including vCenter Server Appliance, vRealize Operations, Horizon, vRealize Log Insight, Unified Access Gateway. \n\n2021-12-13: VMSA-2021-0028.2\nRevised advisory with updates to multiple products. \n\\x95\tVMware HCX\n\\x95\tVMware NSX-T Data Center\n\\x95\tVMware WorkspaceOne Access\n\\x95\tVMware Identity Manager \n\\x95\tVMware vRealize Operations Cloud Proxy\n\\x95\tVMware vRealize Lifecycle Manager\n\\x95\tVMware Site Recovery Manager, vSphere Replication\n\\x95\tVMware Carbon Black Cloud Workload Appliance\n\\x95\tVMware Carbon Black EDR Server\n\\x95\tVMware Tanzu GemFire\n\\x95\tVMware Tanzu Greenplum\n\\x95\tVMware Tanzu Operations Manager\n\\x95\tVMware Tanzu Application Service for VMs\n\\x95\tVMware Tanzu Kubernetes Grid Integrated Edition\n\\x95\tVMware Tanzu Observability by Wavefront Nozzle\n\\x95\tHealthwatch for Tanzu Application Service\n\\x95\tSpring Cloud Services for VMware Tanzu\n\\x95\tAPI Portal for VMware Tanzu\n\\x95\tSingle Sign-On for VMware Tanzu Application Service\n\\x95\tApp Metrics\n\\x95\tVMware vCenter Cloud Gateway\n\\x95\tVMware Cloud Foundation\n\\x95\tVMware Workspace ONE Access Connector\n\\x95\tVMware Horizon DaaS\n\\x95\tVMware Horizon Cloud Connector\n\\x95\tVMware NSX Data Center for vSphere\n\\x95\tVMware AppDefense Appliance\n\\x95\tVMware Cloud Director Object Storage Extension\n\nYou are receiving this alert because you are subscribed to the VMware Security Announcements mailing list. To modify your subscription or unsubscribe please visit https://lists.vmware.com/mailman/listinfo/security-announce. Description:\n\nRed Hat Process Automation Manager is an open source business process\nmanagement suite that combines process management and decision service\nmanagement and enables business and IT users to create, manage, validate,\nand deploy process applications and decision services. \n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an\nattacker-controlled string value (CVE-2021-44228)\n\n* jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a\njava.lang.OutOfMemoryError exception (CVE-2020-28491)\n\n* kubernetes-client: fabric8-kubernetes-client: vulnerable to a path\ntraversal leading to integrity and availability compromise (CVE-2021-20218)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\ncom.sun.corba.* (CVE-2021-39149)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\ncom.sun.jndi.ldap.LdapBindingEnumeration (CVE-2021-39145)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\ncom.sun.jndi.ldap.LdapBindingEnumeration (CVE-2021-39151)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\ncom.sun.jndi.ldap.LdapSearchEnumeration (CVE-2021-39147)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\ncom.sun.jndi.toolkit.dir.ContextEnumerator (CVE-2021-39148)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\ncom.sun.xml.internal.ws.client.sei.* (CVE-2021-39141)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\njavax.swing.UIDefaults$ProxyLazyValue (CVE-2021-39146)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\njavax.swing.UIDefaults$ProxyLazyValue (CVE-2021-39154)\n\n* xstream: Arbitrary code execution via unsafe deserialization of\nsun.tracing.* (CVE-2021-39144)\n\n* xstream: Arbitrary code execution via unsafe deserialization of Xalan\nxsltc.trax.TemplatesImpl (CVE-2021-39139)\n\n* xstream: Arbitrary code execution via unsafe deserialization of Xalan\nxsltc.trax.TemplatesImpl (CVE-2021-39153)\n\n* xstream: Infinite loop DoS via unsafe deserialization of\nsun.reflect.annotation.AnnotationInvocationHandler (CVE-2021-39140)\n\n* xstream: remote command execution attack by manipulating the processed\ninput stream (CVE-2021-29505)\n\n* xstream: Server-side request forgery (SSRF) via unsafe deserialization of\ncom.sun.xml.internal.ws.client.sei.* (CVE-2021-39150)\n\n* xstream: Server-side request forgery (SSRF) via unsafe deserialization of\njdk.nashorn.internal.runtime.Source$URLData (CVE-2021-39152)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update; after installing the update,\nrestart the server by starting the JBoss Application Server process. Bugs fixed (https://bugzilla.redhat.com/):\n\n1923405 - CVE-2021-20218 fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise\n1930423 - CVE-2020-28491 jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception\n1966735 - CVE-2021-29505 XStream: remote command execution attack by manipulating the processed input stream\n1997763 - CVE-2021-39139 xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl\n1997765 - CVE-2021-39140 xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler\n1997769 - CVE-2021-39141 xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*\n1997772 - CVE-2021-39144 xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.*\n1997775 - CVE-2021-39145 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration\n1997777 - CVE-2021-39146 xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue\n1997779 - CVE-2021-39147 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration\n1997781 - CVE-2021-39148 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator\n1997784 - CVE-2021-39149 xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.*\n1997786 - CVE-2021-39150 xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*\n1997791 - CVE-2021-39151 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration\n1997793 - CVE-2021-39152 xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData\n1997795 - CVE-2021-39153 xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl\n1997801 - CVE-2021-39154 xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue\n2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value\n\n5. \n\nThis update also fixes CVE-2020-9488 in the oldstable distribution\n(buster). Improper validation of certificate with host mismatch in Apache Log4j\nSMTP appender. This could allow an SMTPS connection to be intercepted by a\nman-in-the-middle attack which could leak any log messages sent through that\nappender. \n\nFor the oldstable distribution (buster), this problem has been fixed\nin version 2.15.0-1~deb10u1. \n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 2.15.0-1~deb11u1. \n\nWe recommend that you upgrade your apache-log4j2 packages. \n\nFor the detailed security status of apache-log4j2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/apache-log4j2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmG0+YVfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeQvXA/+LIMVC0X80Qc6No564VodtTN3Ci0NyaUcQyZG8Gyo2tPuwKEpOUpmom7f\nwcZvQgKvwxs3Ad1M5Zt/6Ql3v0KbwzBah0v8KUV86B6g4yb+Wno7iKQR1mN47bpz\n2SJPzf6IECwtmz3zYI3fLuJJ/dvAMRlQ+nhPsC8/zJGJgfFHFmDyfG8TtlrYLUHS\nPjpov4C/VllQGJ5MjyVF93OqTCy4V7WxH/RgT1YBOs71KNCq5yPoch35geytSQoM\nKk59qFLQgST2kYhLVxRRbdQAAhbA7W5XythKqphon6nRmlJPHSGkXMf9s0N3cm6K\nZkmvo2/A29FiceZj/bSM4/qw7gqbsJfpSMcTKmxhReolsXAJVj4mGu9cZZTAP7Tb\ng8fl8kGljFd01ka0208eFyILHCR2bAF2xgS1nG6TCc170azDkvW38fZHHkLQIPbF\nTOwxoNv8dHgyT6pfI+BDYKy9pNvrLk/jqXkOpry6nY+Ji/RcjGBDIR3VP25VsMk8\n6zwERE1LX0IvwiaSFBg6oyWW4siINZzFyVXryLvRr/YBIAYKGv+Y1Wn8ageACItW\n2SZjLbK4uBTOHyvPITBgOZSYD7kYcTPxdbb8ntw7Uo489hYXzjYlloTBoUPg1G3o\ngyZnRfW0yYf2bA63I7vVBDTITt8K4H1UkUDEOIUjXGekFLqDnGw=\n=BY2+\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2021-44228" }, { "db": "CERT/CC", "id": "VU#930724" }, { "db": "VULHUB", "id": "VHN-407408" }, { "db": "PACKETSTORM", "id": "165293" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165290" }, { "db": "PACKETSTORM", "id": "165291" }, { "db": "PACKETSTORM", "id": "165324" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165333" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165260" }, { "db": "PACKETSTORM", "id": "165733" }, { "db": "PACKETSTORM", "id": "169172" } ], "trust": 2.7 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-407408", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-407408" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-44228", "trust": 3.6 }, { "db": "CERT/CC", "id": "VU#930724", "trust": 2.5 }, { "db": "PACKETSTORM", "id": "165260", "trust": 1.8 }, { "db": "PACKETSTORM", "id": "165311", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165225", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165532", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165281", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165306", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165673", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165282", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165371", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "167794", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "167917", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165270", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165261", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165642", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "165307", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-479842", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-714170", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-661247", "trust": 1.7 }, { "db": "SIEMENS", "id": "SSA-397453", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/13/1", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/14/4", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/10/3", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/13/2", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/10/2", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/15/3", "trust": 1.7 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2021/12/10/1", "trust": 1.7 }, { "db": "PACKETSTORM", "id": "171626", "trust": 1.6 }, { "db": "PACKETSTORM", "id": "165324", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "165733", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "165348", "trust": 0.8 }, { "db": "PACKETSTORM", "id": "166313", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "165279", "trust": 0.7 }, { "db": "EXPLOIT-DB", "id": "50592", "trust": 0.7 }, { "db": "CS-HELP", "id": "SB2022060708", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022012045", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010629", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022072076", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022021428", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022071316", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022062001", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122212", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010908", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122403", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121720", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021123016", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010421", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022031501", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122907", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022012732", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121652", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121492", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010522", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121201", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121535", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122721", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122018", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022032006", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022060808", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022011732", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122401", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021121350", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022030923", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122811", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022020607", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022012439", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022011042", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022021807", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2022010322", "trust": 0.6 }, { "db": "CS-HELP", "id": "SB2021122122", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0090", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0492", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4211", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4187.6", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0237", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4236", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0332", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0080", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4186.4", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4269", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4198", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4316", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4274", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.0247", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2022.1188", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4302.3", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2021.4256.2", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022120027", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2021120069", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022080025", "trust": 0.6 }, { "db": "CXSECURITY", "id": "WLB-2022010065", "trust": 0.6 }, { "db": "LENOVO", "id": "LEN-76573", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-21-357-02", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-22-034-01", "trust": 0.6 }, { "db": "EXPLOIT-DB", "id": "51183", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202112-799", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "165293", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165329", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165333", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165290", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165291", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "165343", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165520", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165295", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165285", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165297", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165298", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165326", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165289", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165264", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165632", "trust": 0.1 }, { "db": "EXPLOIT-DB", "id": "50590", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-407408", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "165286", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "169172", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#930724" }, { "db": "VULHUB", "id": "VHN-407408" }, { "db": "PACKETSTORM", "id": "165293" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165290" }, { "db": "PACKETSTORM", "id": "165291" }, { "db": "PACKETSTORM", "id": "165324" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165333" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165260" }, { "db": "PACKETSTORM", "id": "165733" }, { "db": "PACKETSTORM", "id": "169172" }, { "db": "CNNVD", "id": "CNNVD-202112-799" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "id": "VAR-202112-0566", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-407408" } ], "trust": 0.7309832957142857 }, "last_update_date": "2024-07-23T21:58:00.289000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Apache Log4j Fixes for code issue vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=174249" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-202112-799" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.1 }, { "problemtype": "CWE-400", "trust": 1.1 }, { "problemtype": "CWE-502", "trust": 1.1 }, { "problemtype": "CWE-917", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-407408" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.3, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apache-log4j-qruknebd" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/167917/mobileiron-log4shell-remote-command-execution.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165225/apache-log4j2-2.14.1-remote-code-execution.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165311/log4j-scan-extensive-scanner.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165371/vmware-security-advisory-2021-0028.4.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165532/log4shell-http-header-injection.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165642/vmware-vcenter-server-unauthenticated-log4shell-jndi-injection-remote-code-execution.html" }, { "trust": 2.3, "url": "http://packetstormsecurity.com/files/165673/unifi-network-application-unauthenticated-log4shell-remote-code-execution.html" }, { "trust": 1.7, "url": "https://www.kb.cert.org/vuls/id/930724" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf" }, { "trust": 1.7, "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf" }, { "trust": 1.7, "url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2021-0032" }, { "trust": 1.7, "url": "https://security.netapp.com/advisory/ntap-20211210-0007/" }, { "trust": 1.7, "url": "https://support.apple.com/kb/ht213189" }, { "trust": 1.7, "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html" }, { "trust": 1.7, "url": "https://www.debian.org/security/2021/dsa-5020" }, { "trust": 1.7, "url": "http://seclists.org/fulldisclosure/2022/mar/23" }, { "trust": 1.7, "url": "http://seclists.org/fulldisclosure/2022/jul/11" }, { "trust": 1.7, "url": "http://seclists.org/fulldisclosure/2022/dec/2" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/167794/open-xchange-app-suite-7.10.x-cross-site-scripting-command-injection.html" }, { "trust": 1.7, "url": "https://github.com/nu11secur1ty/cve-mitre/tree/main/cve-2021-44228" }, { "trust": 1.7, "url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165260/vmware-security-advisory-2021-0028.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165261/apache-log4j2-2.14.1-information-disclosure.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165270/apache-log4j2-2.14.1-remote-code-execution.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165281/log4j2-log4shell-regexes.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165282/log4j-payload-generator.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165306/l4sh-log4j-remote-code-execution.html" }, { "trust": 1.7, "url": "http://packetstormsecurity.com/files/165307/log4j-remote-code-execution-word-bypassing.html" }, { "trust": 1.7, "url": "https://github.com/cisagov/log4j-affected-db/blob/develop/software-list.md" }, { "trust": 1.7, "url": "https://logging.apache.org/log4j/2.x/security.html" }, { "trust": 1.7, "url": "https://twitter.com/kurtseifried/status/1469345530182455296" }, { "trust": 1.7, "url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "trust": 1.7, "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "trust": 1.7, "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/10/1" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/10/2" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/10/3" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/13/1" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/13/2" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/14/4" }, { "trust": 1.7, "url": "http://www.openwall.com/lists/oss-security/2021/12/15/3" }, { "trust": 1.7, "url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/" }, { "trust": 1.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44228" }, { "trust": 1.6, "url": "http://packetstormsecurity.com/files/171626/ad-manager-plus-7122-remote-code-execution.html" }, { "trust": 1.3, "url": "https://access.redhat.com/security/cve/cve-2021-44228" }, { "trust": 1.1, "url": "https://github.com/cisagov/log4j-affected-db" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/m5csvunv4hwzzxgoknsk6l7rpm7bokib/" }, { "trust": 1.0, "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vu57ujdcfiasio35gc55jmksrxjmcdfm/" }, { "trust": 0.8, "url": "cve-2021-4104 " }, { "trust": 0.8, "url": "cve-2021-44228 " }, { "trust": 0.8, "url": "cve-2021-45046 " }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/m5csvunv4hwzzxgoknsk6l7rpm7bokib/" }, { "trust": 0.7, "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vu57ujdcfiasio35gc55jmksrxjmcdfm/" }, { "trust": 0.7, "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.7, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.7, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.6, "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-009" }, { "trust": 0.6, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010908" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022060808" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010629" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022072076" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/165733/red-hat-security-advisory-2022-0296-03.html" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6527216" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4186.4" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4316" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0080" }, { "trust": 0.6, "url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2021-44228" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6528268" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122212" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022012732" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121201" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4302.3" }, { "trust": 0.6, "url": "https://www.exploit-db.com/exploits/50592" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022080025" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022011042" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121720" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122018" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0237" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122811" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022010065" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122401" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022011732" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021807" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/165324/ubuntu-security-notice-usn-5197-1.html" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021123016" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121350" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4211" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122122" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022062001" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122403" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122721" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010522" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010322" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2022120027" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6525816" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20211215-01-log4j-cn" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-357-02" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021122907" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022060708" }, { "trust": 0.6, "url": "https://www.exploit-db.com/exploits/51183" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022021428" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/166313/apple-security-advisory-2022-03-14-7.html" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6526220" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/apache-log4j-code-execution-via-jndi-remote-class-injection-37049" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4269" }, { "trust": 0.6, "url": "https://support.apple.com/en-us/ht213189" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022012439" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022020607" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4256.2" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022071316" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022032006" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0332" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022030923" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.1188" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0492" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6526754" }, { "trust": 0.6, "url": "https://cxsecurity.com/issue/wlb-2021120069" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0090" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4236" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121652" }, { "trust": 0.6, "url": "https://www.ibm.com/support/pages/node/6527330" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4198" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121492" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4187.6" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022031501" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/165279/ubuntu-security-notice-usn-5192-1.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/165348/ubuntu-security-notice-usn-5192-2.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.4274" }, { "trust": 0.6, "url": "https://support.lenovo.com/us/en/product_security/len-76573" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022012045" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2021121535" }, { "trust": 0.6, "url": "https://www.cybersecurity-help.cz/vdb/sb2022010421" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2022.0247" }, { "trust": 0.6, "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-034-01" }, { "trust": 0.3, "url": "https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html" }, { "trust": 0.2, "url": "https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2021-45046" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45046" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5132" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.2/html-single/red_hat_data_grid_8.2_release_notes/index" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/softwaredetail.html?softwareid=70381\u0026product=data.grid\u0026version=8.2\u0026downloadtype=patches" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16135" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3200" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-25013" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25012" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-35522" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5827" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-35524" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20673" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25013" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25009" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-27645" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33574" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-13435" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-5827" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-24370" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-43527" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-14145" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-13751" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-25014" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-19603" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14145" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-25012" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-35521" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-35942" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-17594" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35524" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24370" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3572" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-12762" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-36086" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3778" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35522" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13750" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13751" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22898" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12762" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-16135" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-36084" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-37136" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-17541" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3800" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17594" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-36087" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-36331" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3712" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-31535" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35523" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23841" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3445" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-13435" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19603" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22925" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5128" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-20673" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-23840" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-36330" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18218" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-20232" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-20266" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-20838" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-22876" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-20231" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-36332" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-14155" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25010" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-17541" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25014" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-36085" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-37137" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-21409" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-33560" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-17595" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3481" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-42574" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-25009" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-25010" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-35523" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-28153" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-13750" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3426" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-18218" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.8/logging/cluster-logging-upgrading.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3580" }, { "trust": 0.1, "url": "https://issues.jboss.org/):" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-3796" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17595" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-36330" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-35521" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5093" }, { "trust": 0.1, "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product\\xcatrhoar.eclipse.vertx\u0026version=4.1.5.sp1" }, { "trust": 0.1, "url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_eclipse_vert.x/4.1/html/release_notes_for_eclipse_vert.x_4.1/index" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5108" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.21.10.1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.20.04.1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5197-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/apache-log4j2/2.16.0-0.21.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4104" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-4104" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5148" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2021:5106" }, { "trust": 0.1, "url": "https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5192-1" }, { "trust": 0.1, "url": "https://ubuntu.com/security/notices/usn-5192-2" }, { "trust": 0.1, "url": "https://www.vmware.com/security/advisories/vmsa-2021-0028.html" }, { "trust": 0.1, "url": "http://lists.vmware.com/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "https://lists.vmware.com/mailman/listinfo/security-announce." }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39139" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39141" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39154" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-20218" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-20218" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-29505" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39145" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2022:0296" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39144" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39149" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39150" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39151" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39140" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39148" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-29505" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39151" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39153" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39152" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39147" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39150" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39139" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39153" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39144" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39146" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39152" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39148" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2020-28491" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39146" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39140" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39149" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39147" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-39145" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39154" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28491" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2021-39141" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9488" }, { "trust": 0.1, "url": "https://www.debian.org/security/" }, { "trust": 0.1, "url": "https://security-tracker.debian.org/tracker/apache-log4j2" } ], "sources": [ { "db": "CERT/CC", "id": "VU#930724" }, { "db": "VULHUB", "id": "VHN-407408" }, { "db": "PACKETSTORM", "id": "165293" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165290" }, { "db": "PACKETSTORM", "id": "165291" }, { "db": "PACKETSTORM", "id": "165324" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165333" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165260" }, { "db": "PACKETSTORM", "id": "165733" }, { "db": "PACKETSTORM", "id": "169172" }, { "db": "CNNVD", "id": "CNNVD-202112-799" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#930724" }, { "db": "VULHUB", "id": "VHN-407408" }, { "db": "PACKETSTORM", "id": "165293" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165290" }, { "db": "PACKETSTORM", "id": "165291" }, { "db": "PACKETSTORM", "id": "165324" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165333" }, { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165260" }, { "db": "PACKETSTORM", "id": "165733" }, { "db": "PACKETSTORM", "id": "169172" }, { "db": "CNNVD", "id": "CNNVD-202112-799" }, { "db": "NVD", "id": "CVE-2021-44228" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-12-15T00:00:00", "db": "CERT/CC", "id": "VU#930724" }, { "date": "2021-12-10T00:00:00", "db": "VULHUB", "id": "VHN-407408" }, { "date": "2021-12-15T15:24:58", "db": "PACKETSTORM", "id": "165293" }, { "date": "2021-12-15T15:20:33", "db": "PACKETSTORM", "id": "165286" }, { "date": "2021-12-15T15:23:24", "db": "PACKETSTORM", "id": "165290" }, { "date": "2021-12-15T15:23:37", "db": "PACKETSTORM", "id": "165291" }, { "date": "2021-12-16T15:20:38", "db": "PACKETSTORM", "id": "165324" }, { "date": "2021-12-16T15:25:46", "db": "PACKETSTORM", "id": "165329" }, { "date": "2021-12-16T15:34:27", "db": "PACKETSTORM", "id": "165333" }, { "date": "2021-12-17T14:06:52", "db": "PACKETSTORM", "id": "165348" }, { "date": "2021-12-14T15:27:58", "db": "PACKETSTORM", "id": "165260" }, { "date": "2022-01-27T14:23:56", "db": "PACKETSTORM", "id": "165733" }, { "date": "2021-12-28T20:12:00", "db": "PACKETSTORM", "id": "169172" }, { "date": "2021-12-10T00:00:00", "db": "CNNVD", "id": "CNNVD-202112-799" }, { "date": "2021-12-10T10:15:09.143000", "db": "NVD", "id": "CVE-2021-44228" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2022-02-07T00:00:00", "db": "CERT/CC", "id": "VU#930724" }, { "date": "2023-02-06T00:00:00", "db": "VULHUB", "id": "VHN-407408" }, { "date": "2023-04-04T00:00:00", "db": "CNNVD", "id": "CNNVD-202112-799" }, { "date": "2023-11-07T03:39:36.897000", "db": "NVD", "id": "CVE-2021-44228" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "165348" }, { "db": "PACKETSTORM", "id": "165260" }, { "db": "CNNVD", "id": "CNNVD-202112-799" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache Log4j allows insecure JNDI lookups", "sources": [ { "db": "CERT/CC", "id": "VU#930724" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "code execution", "sources": [ { "db": "PACKETSTORM", "id": "165293" }, { "db": "PACKETSTORM", "id": "165286" }, { "db": "PACKETSTORM", "id": "165290" }, { "db": "PACKETSTORM", "id": "165291" }, { "db": "PACKETSTORM", "id": "165329" }, { "db": "PACKETSTORM", "id": "165333" }, { "db": "PACKETSTORM", "id": "165260" }, { "db": "PACKETSTORM", "id": "165733" } ], "trust": 0.8 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.