var-202112-0566
Vulnerability from variot
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. JIRA issues fixed (https://issues.jboss.org/):
LOG-1775 - [release-5.2] Syslog output is serializing json incorrectly LOG-1824 - [release-5.2] Rejected by Elasticsearch and unexpected json-parsing LOG-1963 - [release-5.2] CLO panic: runtime error: slice bounds out of range [:-1] LOG-1970 - Applying cluster state is causing elasticsearch to hit an issue and become unusable
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Low: Red Hat JBoss Enterprise Application Platform 7.4 security update Advisory ID: RHSA-2021:5140-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2021:5140 Issue date: 2021-12-15 CVE Names: CVE-2021-44228 ==================================================================== 1. Summary:
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.
Security Fix(es):
- log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
- Solution:
Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.
The References section of this erratum contains a download link (you must log in to download the update).
- Bugs fixed (https://bugzilla.redhat.com/):
2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value
- References:
https://access.redhat.com/security/cve/CVE-2021-44228 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=appplatform&version=7.4 https://access.redhat.com/solutions/6577421 https://access.redhat.com/security/vulnerabilities/RHSB-2021-009 https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/ https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYbmdF9zjgjWX9erEAQg7Bg//QTWXVl6Au/rNu96FO/u13bKZFX6Rj1Ev 6q++z9GpMumsxMxpXAkNGLk8rsB23XXC0gnOJjP8u0cZ+qN9l+Z1KG25bvJywm8t VrRcwsxlvxzOODp8ongvkJ20rARAHEyMtSjTy/NkSNiZUBHWTqw0u7LDwaaO+r8T fEmRC3t4GJ1gUiqjMeLWjpi7bvl4GcXDHD+Jbf4a10PHYZAC5I0Oh4j/DJYH31CT cbKOd4CCiuERnbR1Y/ZCWNxpgonwCD12Q+bXbmTc+/oGW0zmqI5OwXgy2w56yCdy EYXUfPK2e0EoFCcQxa4yC2YmRS6VRix1KYLy5XKaHFaV4RRqkbsL2yDCr4/EUeRy a7jeJK7wcbpbR0iKijQJuF00+pqpOmBn5sqV5P+IUyD7Iwt6C5OqsRinLS6OWP7D 85iS55Vf7bY8ZLvz8x7v3IsFx6vuLV6YD8S504oKrX5aQI/pUYz9XVH7hMAlhFdB wlETMdxdk6oiEpPwi9/DBse0/aFGLuXW9vDD5X6BzW9ZZs+cpyJGtWH6ep5lVear Fi4N7Easy+iT/K8g9tJOiTy9O2SIr5S2AJvmu7j9YqXtm2qOPuY8U8FjaXXFVDgF maPElBFrg9V46XaBp1IQXH3UZ6869nP9XMt2kh8rCm3zHbA6R5kzaXW93hbzKJcl abX8PaJHiOs=v55Q -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . The purpose of this text-only errata is to inform you about the security issues fixed in this release. Description:
The releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to Red Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security fixes, which are documented in the Release Notes document linked to in the References.
Installation instructions are available from the Fuse product documentation pages:
Fuse 7.8: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
Fuse 7.9: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
Fuse 7.10: https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2022-03-14-7 Xcode 13.3
Xcode 13.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213189.
iTMSTransporter Available for: macOS Monterey 12 and later Impact: Multiple issues in iTMSTransporter Description: Multiple issues were addressed with updating FasterXML jackson-databind and Apache Log4j2. CVE-2019-14379 CVE-2021-44228
otool Available for: macOS Monterey 12 and later Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2022-22601: hjy79425575 CVE-2022-22602: hjy79425575 CVE-2022-22603: hjy79425575 CVE-2022-22604: hjy79425575 CVE-2022-22605: hjy79425575 CVE-2022-22606: hjy79425575 CVE-2022-22607: hjy79425575 CVE-2022-22608: hjy79425575
Additional recognition
iTMSTransporter We would like to acknowledge Anthony Shaw of Microsoft for their assistance.
ld64 We would like to acknowledge Pan ZhenPeng (@Peterpan0927) of Alibaba Security Pandora Lab for their assistance.
Xcode IDE We would like to acknowledge an anonymous researcher for their assistance.
Xcode 13.3 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "Xcode 13.3". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.
2021-12-11: VMSA-2021-0028.1 Updated advisory with workaround information for multiple products including vCenter Server Appliance, vRealize Operations, Horizon, vRealize Log Insight, Unified Access Gateway.
2021-12-13: VMSA-2021-0028.2 Revised advisory with updates to multiple products. \x95 VMware HCX \x95 VMware NSX-T Data Center \x95 VMware WorkspaceOne Access \x95 VMware Identity Manager \x95 VMware vRealize Operations Cloud Proxy \x95 VMware vRealize Lifecycle Manager \x95 VMware Site Recovery Manager, vSphere Replication \x95 VMware Carbon Black Cloud Workload Appliance \x95 VMware Carbon Black EDR Server \x95 VMware Tanzu GemFire \x95 VMware Tanzu Greenplum \x95 VMware Tanzu Operations Manager \x95 VMware Tanzu Application Service for VMs \x95 VMware Tanzu Kubernetes Grid Integrated Edition \x95 VMware Tanzu Observability by Wavefront Nozzle \x95 Healthwatch for Tanzu Application Service \x95 Spring Cloud Services for VMware Tanzu \x95 API Portal for VMware Tanzu \x95 Single Sign-On for VMware Tanzu Application Service \x95 App Metrics \x95 VMware vCenter Cloud Gateway \x95 VMware Cloud Foundation \x95 VMware Workspace ONE Access Connector \x95 VMware Horizon DaaS \x95 VMware Horizon Cloud Connector \x95 VMware NSX Data Center for vSphere \x95 VMware AppDefense Appliance \x95 VMware Cloud Director Object Storage Extension
You are receiving this alert because you are subscribed to the VMware Security Announcements mailing list. To modify your subscription or unsubscribe please visit https://lists.vmware.com/mailman/listinfo/security-announce.
This update also fixes CVE-2020-9488 in the oldstable distribution (buster). Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender.
For the oldstable distribution (buster), this problem has been fixed in version 2.15.0-1~deb10u1.
For the stable distribution (bullseye), this problem has been fixed in version 2.15.0-1~deb11u1.
We recommend that you upgrade your apache-log4j2 packages.
For the detailed security status of apache-log4j2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache-log4j2
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmG0+YVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQvXA/+LIMVC0X80Qc6No564VodtTN3Ci0NyaUcQyZG8Gyo2tPuwKEpOUpmom7f wcZvQgKvwxs3Ad1M5Zt/6Ql3v0KbwzBah0v8KUV86B6g4yb+Wno7iKQR1mN47bpz 2SJPzf6IECwtmz3zYI3fLuJJ/dvAMRlQ+nhPsC8/zJGJgfFHFmDyfG8TtlrYLUHS Pjpov4C/VllQGJ5MjyVF93OqTCy4V7WxH/RgT1YBOs71KNCq5yPoch35geytSQoM Kk59qFLQgST2kYhLVxRRbdQAAhbA7W5XythKqphon6nRmlJPHSGkXMf9s0N3cm6K Zkmvo2/A29FiceZj/bSM4/qw7gqbsJfpSMcTKmxhReolsXAJVj4mGu9cZZTAP7Tb g8fl8kGljFd01ka0208eFyILHCR2bAF2xgS1nG6TCc170azDkvW38fZHHkLQIPbF TOwxoNv8dHgyT6pfI+BDYKy9pNvrLk/jqXkOpry6nY+Ji/RcjGBDIR3VP25VsMk8 6zwERE1LX0IvwiaSFBg6oyWW4siINZzFyVXryLvRr/YBIAYKGv+Y1Wn8ageACItW 2SZjLbK4uBTOHyvPITBgOZSYD7kYcTPxdbb8ntw7Uo489hYXzjYlloTBoUPg1G3o gyZnRfW0yYf2bA63I7vVBDTITt8K4H1UkUDEOIUjXGekFLqDnGw= =BY2+ -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202112-0566",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "siveillance command",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.16.2.1"
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "paging server",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "14.4.1"
},
{
"model": "wan automation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.4"
},
{
"model": "wan automation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "fxos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.6.0"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "common services platform collector",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.9.1.3"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "006.005.000.000"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.7.0"
},
{
"model": "sd-wan vmanage",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "20.7"
},
{
"model": "finesse",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "unified contact center management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "synchro",
"scope": "lt",
"trust": 1.0,
"vendor": "bentley",
"version": "6.4.3.2"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "006.005.000."
},
{
"model": "network insights for data center",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(2.1914\\)"
},
{
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "sentron powermanager",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.1"
},
{
"model": "dna center",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.2.8"
},
{
"model": "dna center",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.3.4"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "siguard dsa",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.4"
},
{
"model": "snapcenter",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "crosswork platform infrastructure",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.0"
},
{
"model": "mindsphere",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2021-12-11"
},
{
"model": "energyip",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "9.0"
},
{
"model": "sd-wan vmanage",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.6"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3.0"
},
{
"model": "mobility services engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "vesys",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2019.1"
},
{
"model": "paging server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "8.5\\(1\\)"
},
{
"model": "siguard dsa",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.2"
},
{
"model": "wan automation engine",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.3.0.2"
},
{
"model": "finesse",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "video surveillance operations manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.14.4"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "003.002\\(000.116\\)"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.1.0"
},
{
"model": "virtual topology system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6.6"
},
{
"model": "network services orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3.5.1"
},
{
"model": "unified communications manager im and presence service",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "virtualized infrastructure manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4.0"
},
{
"model": "teamcenter",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1c\\)"
},
{
"model": "genomics kernel library",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "cloudcenter suite admin",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3.1"
},
{
"model": "integrated management controller supervisor",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.2.0"
},
{
"model": "crosswork network controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0"
},
{
"model": "intersight virtual appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.9-343"
},
{
"model": "log4j",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.3.1"
},
{
"model": "dna center",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1.2.8"
},
{
"model": "crosswork optimization engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0"
},
{
"model": "network assurance engine",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0.2"
},
{
"model": "sd-wan vmanage",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "sd-wan vmanage",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4.2.1"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "008.000.000.000.004"
},
{
"model": "finesse",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "e-car operation center",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2021-12-13"
},
{
"model": "cloud manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "head-end system universal device integration system",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "xpedition enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "identity services engine",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.4.0"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.009\\(000.001\\)"
},
{
"model": "email security",
"scope": "lt",
"trust": 1.0,
"vendor": "sonicwall",
"version": "10.0.12"
},
{
"model": "prime service catalog",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "paging server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.0\\(2\\)"
},
{
"model": "captial",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2019.1"
},
{
"model": "evolved programmable network manager",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "intersight virtual appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.0.9-361"
},
{
"model": "common services platform collector",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.10.0.1"
},
{
"model": "business process automation",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.000.115"
},
{
"model": "network services orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "dna spaces\\: connector",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "log4j",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.0.1"
},
{
"model": "solid edge harness design",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2020"
},
{
"model": "evolved programmable network manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.6.0"
},
{
"model": "sd-wan vmanage",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5.1.1"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "010.002\\(000\\)"
},
{
"model": "crosswork zero touch provisioning",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "enterprise chat and email",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.0\\(1\\)"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.009\\(000.002\\)"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1l\\)"
},
{
"model": "fxos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "smart phy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.1"
},
{
"model": "data center network manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.3\\(1\\)"
},
{
"model": "audio development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "unified intelligence center",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(2\\)"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.0\\(1\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1.17900.52\\)"
},
{
"model": "dna spaces connector",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "unified contact center enterprise",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.6\\(2\\)"
},
{
"model": "desigo cc advanced reports",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.0"
},
{
"model": "unified communications manager im and presence service",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "log4j",
"scope": "eq",
"trust": 1.0,
"vendor": "apache",
"version": "2.0"
},
{
"model": "network assurance engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(2.1912\\)"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1h\\)"
},
{
"model": "data center network manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.3\\(1\\)"
},
{
"model": "cloudcenter suite",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3\\(0\\)"
},
{
"model": "packaged contact center enterprise",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "oncommand insight",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "sd-wan vmanage",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "sd-wan vmanage",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "20.6"
},
{
"model": "unified customer voice portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "unified communications manager im \\\u0026 presence service",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "advanced malware protection virtual private cloud appliance",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.5.4"
},
{
"model": "cloudcenter cost optimizer",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.5.2"
},
{
"model": "virtualized infrastructure manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.4.4"
},
{
"model": "cloudcenter suite",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.5\\(1\\)"
},
{
"model": "unified sip proxy",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "10.2.1v2"
},
{
"model": "energyip",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "8.5"
},
{
"model": "video surveillance manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.14\\(2.26\\)"
},
{
"model": "packaged contact center enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.6\\(1\\)"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.004\\(000.914\\)"
},
{
"model": "connected mobile experiences",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "log4j",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.13.0"
},
{
"model": "paging server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1\\(1\\)"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "007.003.001.001"
},
{
"model": "business process automation",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.000.000"
},
{
"model": "emergency responder",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(4\\)"
},
{
"model": "desigo cc info center",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "fog director",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "010.000\\(001\\)"
},
{
"model": "network dashboard fabric controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.1\\(1\\)"
},
{
"model": "business process automation",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.000.044"
},
{
"model": "enterprise chat and email",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "paging server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(2\\)"
},
{
"model": "smart phy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.5"
},
{
"model": "cloudcenter",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "4.10.0.16"
},
{
"model": "ucs director",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.8.2.0"
},
{
"model": "workload optimization manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.1"
},
{
"model": "sd-wan vmanage",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "20.5"
},
{
"model": "sd-wan vmanage",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "20.6.1"
},
{
"model": "nx",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "video surveillance manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.14\\(1.26\\)"
},
{
"model": "siveillance identity",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.5"
},
{
"model": "evolved programmable network manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "003.000\\(000.458\\)"
},
{
"model": "paging server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "14.0\\(1\\)"
},
{
"model": "sd-wan vmanage",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "sipass integrated",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2.85"
},
{
"model": "dna center",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.2.0"
},
{
"model": "unified customer voice portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.006\\(000.156\\)"
},
{
"model": "unified computing system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "006.008\\(001.000\\)"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "smart phy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "21.3"
},
{
"model": "energyip",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "8.7"
},
{
"model": "enterprise chat and email",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.0\\(1\\)"
},
{
"model": "sd-wan vmanage",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "20.4"
},
{
"model": "smart phy",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.1"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.009\\(001.000\\)"
},
{
"model": "synchro",
"scope": "gte",
"trust": 1.0,
"vendor": "bentley",
"version": "6.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "sentron powermanager",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.2"
},
{
"model": "fxos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "fxos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.5.0"
},
{
"model": "integrated management controller supervisor",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.003\\(002.000\\)"
},
{
"model": "network services orchestrator",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "business process automation",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.000.000"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.009\\(000.000\\)"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1a\\)"
},
{
"model": "nexus dashboard",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1.2"
},
{
"model": "unified workforce optimization",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "evolved programmable network manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "spectrum power 7",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2.30"
},
{
"model": "gma-manager",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "8.6.2j-398"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "ontap tools",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "solid edge harness design",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2020"
},
{
"model": "contact center domain manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "virtualized voice browser",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "system studio",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.010\\(000.000\\)"
},
{
"model": "network services orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.4.5.2"
},
{
"model": "crosswork network automation",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.1"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(4.66000.14\\)"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "010.000\\(000\\)"
},
{
"model": "dna center",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.2.8"
},
{
"model": "system debugger",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "sd-wan vmanage",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.3.4.1"
},
{
"model": "paging server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "8.3\\(1\\)"
},
{
"model": "cloud insights",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1k\\)"
},
{
"model": "industrial edge management",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "unified intelligence center",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.009\\(001.001\\)"
},
{
"model": "desigo cc info center",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "dna center",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.3.0"
},
{
"model": "crosswork network automation",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.0"
},
{
"model": "cyber vision",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "unified contact center express",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "007.002.000"
},
{
"model": "mendix",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "unified sip proxy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "010.002\\(001\\)"
},
{
"model": "sensor solution development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "cyber vision sensor management extension",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.3"
},
{
"model": "video surveillance manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.14\\(4.018\\)"
},
{
"model": "crosswork network controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "network dashboard fabric controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.0\\(1\\)"
},
{
"model": "desigo cc advanced reports",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.1"
},
{
"model": "secure device onboard",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "sd-wan vmanage",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "20.6.2.1"
},
{
"model": "operation scheduler",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1.3"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.6\\(2\\)"
},
{
"model": "unity connection",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1g\\)"
},
{
"model": "virtualized infrastructure manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.0"
},
{
"model": "unified customer voice portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "fxos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0.0"
},
{
"model": "crosswork data gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0"
},
{
"model": "evolved programmable network manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.0"
},
{
"model": "siveillance control pro",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "network dashboard fabric controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(2\\)"
},
{
"model": "comos",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "integrated management controller supervisor",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.3.2.1"
},
{
"model": "wan automation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.3"
},
{
"model": "vm access proxy",
"scope": "lt",
"trust": 1.0,
"vendor": "snowsoftware",
"version": "3.6"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.5.0"
},
{
"model": "unified workforce optimization",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "energy engage",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "unified customer voice portal",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.6"
},
{
"model": "video surveillance manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.14\\(3.025\\)"
},
{
"model": "smart phy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.4"
},
{
"model": "spectrum power 7",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.30"
},
{
"model": "crosswork data gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.2"
},
{
"model": "webex meetings server",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1.18900.97\\)"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "cloud connect",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "wan automation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2.3"
},
{
"model": "paging server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "8.4\\(1\\)"
},
{
"model": "cloudcenter suite",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.4\\(1\\)"
},
{
"model": "log4j",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)su3"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "rhythmyx",
"scope": "lte",
"trust": 1.0,
"vendor": "percussion",
"version": "7.3.2"
},
{
"model": "xpedition package integrator",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "network dashboard fabric controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.4\\(1\\)"
},
{
"model": "wan automation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.6"
},
{
"model": "crosswork network automation",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.1.0"
},
{
"model": "computer vision annotation tool",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "customer experience cloud agent",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.12.1"
},
{
"model": "desigo cc advanced reports",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.1"
},
{
"model": "captial",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2019.1"
},
{
"model": "optical network controller",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1.0"
},
{
"model": "network services orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.6.3.1"
},
{
"model": "cloudcenter suite",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.10\\(0.15\\)"
},
{
"model": "energyip prepay",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.7"
},
{
"model": "paging server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.0\\(1\\)"
},
{
"model": "xcode",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "13.3"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "003.001\\(000.518\\)"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "007.000.001"
},
{
"model": "crosswork network automation",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "unified customer voice portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.0\\(1\\)"
},
{
"model": "desigo cc advanced reports",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.2"
},
{
"model": "siguard dsa",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.3"
},
{
"model": "sipass integrated",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2.80"
},
{
"model": "crosswork optimization engine",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "spectrum power 4",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "4.70"
},
{
"model": "navigator",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2021-12-13"
},
{
"model": "desigo cc advanced reports",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5"
},
{
"model": "crosswork zero touch provisioning",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0"
},
{
"model": "snow commander",
"scope": "lt",
"trust": 1.0,
"vendor": "snowsoftware",
"version": "8.10.0"
},
{
"model": "opcenter intelligence",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "3.2"
},
{
"model": "sppa-t3000 ses3000",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "synchro 4d",
"scope": "lt",
"trust": 1.0,
"vendor": "bentley",
"version": "6.2.4.2"
},
{
"model": "siveillance vantage",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "evolved programmable network manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "cyber vision sensor management extension",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.2"
},
{
"model": "network services orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "5.6"
},
{
"model": "common services platform collector",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.009\\(001.002\\)"
},
{
"model": "energyip",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "8.6"
},
{
"model": "network dashboard fabric controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "business process automation",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "3.2.000.009"
},
{
"model": "crosswork platform infrastructure",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0.1"
},
{
"model": "automated subsea tuning",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "02.01.00"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(2\\)"
},
{
"model": "unified customer voice portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1b\\)"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(2\\)"
},
{
"model": "network dashboard fabric controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.3\\(1\\)"
},
{
"model": "cloudcenter workload manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.5.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0.0"
},
{
"model": "log4j",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.12.2"
},
{
"model": "fxos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.7.0"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1e\\)"
},
{
"model": "unified customer voice portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.6\\(1\\)"
},
{
"model": "wan automation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2.2"
},
{
"model": "contact center management portal",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "network services orchestrator",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "5.5.4.1"
},
{
"model": "evolved programmable network manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1.10000.6\\)"
},
{
"model": "smart phy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.3"
},
{
"model": "data center manager",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "5.1"
},
{
"model": "wan automation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.1.3"
},
{
"model": "automated subsea tuning",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1.0"
},
{
"model": "unified communications manager im \\\u0026 presence service",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1.22900.6\\)"
},
{
"model": "fxos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3.0"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "002.007\\(000.356\\)"
},
{
"model": "emergency responder",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(4.65000.14\\)"
},
{
"model": "virtual topology system",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.6.7"
},
{
"model": "industrial edge management hub",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2021-12-13"
},
{
"model": "unified communications manager",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1\\)"
},
{
"model": "crosswork network automation",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0.0"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1.18119.2\\)"
},
{
"model": "sd-wan vmanage",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "20.8"
},
{
"model": "fxos",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.1.0"
},
{
"model": "unified customer voice portal",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "log4j",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.15.0"
},
{
"model": "vesys",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "2019.1"
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "4.0"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "008.000.000"
},
{
"model": "enterprise chat and email",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "006.004.000.003"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "007.003.000"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1d\\)"
},
{
"model": "broadworks",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2021.11_1.162"
},
{
"model": "cloudcenter suite",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.5\\(0\\)"
},
{
"model": "solid edge cam pro",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "ucs central software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1f\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1.22900.28\\)"
},
{
"model": "logo\\! soft comfort",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "cx cloud agent",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "001.012"
},
{
"model": "network dashboard fabric controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(3\\)"
},
{
"model": "unified contact center enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1.21900.40\\)"
},
{
"model": "iot operations dashboard",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "energyip prepay",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "3.8"
},
{
"model": "broadworks",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.6\\(1\\)"
},
{
"model": "spectrum power 4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.70"
},
{
"model": "dna spaces",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "oneapi sample browser",
"scope": "eq",
"trust": 1.0,
"vendor": "intel",
"version": null
},
{
"model": "nexus insights",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0.2"
},
{
"model": "optical network controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "wan automation engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2.1"
},
{
"model": "siveillance identity",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "1.6"
},
{
"model": "ucs central",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0\\(1p\\)"
},
{
"model": "common services platform collector",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.10.0"
},
{
"model": "network services orchestrator",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "5.5"
},
{
"model": "smart phy",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.1.2"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "007.001.000"
},
{
"model": "identity services engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.4.0"
},
{
"model": "prime service catalog",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "siveillance viewpoint",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "connected analytics for network deployment",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "007.003.003"
},
{
"model": "cloud secure agent",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "network dashboard fabric controller",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "11.2\\(1\\)"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44228"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "165287"
},
{
"db": "PACKETSTORM",
"id": "165289"
},
{
"db": "PACKETSTORM",
"id": "165291"
},
{
"db": "PACKETSTORM",
"id": "165298"
},
{
"db": "PACKETSTORM",
"id": "165329"
},
{
"db": "PACKETSTORM",
"id": "165333"
},
{
"db": "PACKETSTORM",
"id": "165632"
}
],
"trust": 0.7
},
"cve": "CVE-2021-44228",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2021-44228",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-407408",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2021-44228",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-44228",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-407408",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-44228",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-407408"
},
{
"db": "VULMON",
"id": "CVE-2021-44228"
},
{
"db": "NVD",
"id": "CVE-2021-44228"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-1775 - [release-5.2] Syslog output is serializing json incorrectly\nLOG-1824 - [release-5.2] Rejected by Elasticsearch and unexpected json-parsing\nLOG-1963 - [release-5.2] CLO panic: runtime error: slice bounds out of range [:-1]\nLOG-1970 - Applying cluster state is causing elasticsearch to hit an issue and become unusable\n\n6. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Low: Red Hat JBoss Enterprise Application Platform 7.4 security update\nAdvisory ID: RHSA-2021:5140-01\nProduct: Red Hat JBoss Enterprise Application Platform\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:5140\nIssue date: 2021-12-15\nCVE Names: CVE-2021-44228\n====================================================================\n1. Summary:\n\nA security update is now available for Red Hat JBoss Enterprise Application\nPlatform 7.4. \n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. \n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise\nApplication Platform 7.4. \n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an\nattacker-controlled string value (CVE-2021-44228)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, see the CVE page(s) listed in the\nReferences section. \n\n3. Solution:\n\nBefore applying this update, back up your existing Red Hat JBoss Enterprise\nApplication Platform installation and deployed applications. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). \n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-44228\nhttps://access.redhat.com/security/updates/classification/#low\nhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4\nhttps://access.redhat.com/solutions/6577421\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-009\nhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/\nhttps://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/\n\n6. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYbmdF9zjgjWX9erEAQg7Bg//QTWXVl6Au/rNu96FO/u13bKZFX6Rj1Ev\n6q++z9GpMumsxMxpXAkNGLk8rsB23XXC0gnOJjP8u0cZ+qN9l+Z1KG25bvJywm8t\nVrRcwsxlvxzOODp8ongvkJ20rARAHEyMtSjTy/NkSNiZUBHWTqw0u7LDwaaO+r8T\nfEmRC3t4GJ1gUiqjMeLWjpi7bvl4GcXDHD+Jbf4a10PHYZAC5I0Oh4j/DJYH31CT\ncbKOd4CCiuERnbR1Y/ZCWNxpgonwCD12Q+bXbmTc+/oGW0zmqI5OwXgy2w56yCdy\nEYXUfPK2e0EoFCcQxa4yC2YmRS6VRix1KYLy5XKaHFaV4RRqkbsL2yDCr4/EUeRy\na7jeJK7wcbpbR0iKijQJuF00+pqpOmBn5sqV5P+IUyD7Iwt6C5OqsRinLS6OWP7D\n85iS55Vf7bY8ZLvz8x7v3IsFx6vuLV6YD8S504oKrX5aQI/pUYz9XVH7hMAlhFdB\nwlETMdxdk6oiEpPwi9/DBse0/aFGLuXW9vDD5X6BzW9ZZs+cpyJGtWH6ep5lVear\nFi4N7Easy+iT/K8g9tJOiTy9O2SIr5S2AJvmu7j9YqXtm2qOPuY8U8FjaXXFVDgF\nmaPElBFrg9V46XaBp1IQXH3UZ6869nP9XMt2kh8rCm3zHbA6R5kzaXW93hbzKJcl\nabX8PaJHiOs=v55Q\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. The purpose of this\ntext-only errata is to inform you about the security issues fixed in this\nrelease. Description:\n\nThe releases of Red Hat Fuse 7.8.2, 7.9.1 and 7.10.1 serve as a patch to\nRed Hat Fuse on Karaf and Red Hat Fuse on Spring Boot and includes security\nfixes, which are documented in the Release Notes document linked to in the\nReferences. \n\nInstallation instructions are available from the Fuse product documentation\npages:\n\nFuse 7.8:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.9:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\nFuse 7.10:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-03-14-7 Xcode 13.3\n\nXcode 13.3 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213189. \n\niTMSTransporter\nAvailable for: macOS Monterey 12 and later\nImpact: Multiple issues in iTMSTransporter\nDescription: Multiple issues were addressed with updating FasterXML\njackson-databind and Apache Log4j2. \nCVE-2019-14379\nCVE-2021-44228\n\notool\nAvailable for: macOS Monterey 12 and later\nImpact: Opening a maliciously crafted file may lead to unexpected\napplication termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2022-22601: hjy79425575\nCVE-2022-22602: hjy79425575\nCVE-2022-22603: hjy79425575\nCVE-2022-22604: hjy79425575\nCVE-2022-22605: hjy79425575\nCVE-2022-22606: hjy79425575\nCVE-2022-22607: hjy79425575\nCVE-2022-22608: hjy79425575\n\nAdditional recognition\n\niTMSTransporter\nWe would like to acknowledge Anthony Shaw of Microsoft for their\nassistance. \n\nld64\nWe would like to acknowledge Pan ZhenPeng (@Peterpan0927) of Alibaba\nSecurity Pandora Lab for their assistance. \n\nXcode IDE\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nXcode 13.3 may be obtained from:\nhttps://developer.apple.com/xcode/downloads/ To check that the Xcode\nhas been updated: * Select Xcode in the menu bar * Select About\nXcode * The version after applying this update will be \"Xcode 13.3\". \nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\n2021-12-11: VMSA-2021-0028.1\nUpdated advisory with workaround information for multiple products including vCenter Server Appliance, vRealize Operations, Horizon, vRealize Log Insight, Unified Access Gateway. \n\n2021-12-13: VMSA-2021-0028.2\nRevised advisory with updates to multiple products. \n\\x95\tVMware HCX\n\\x95\tVMware NSX-T Data Center\n\\x95\tVMware WorkspaceOne Access\n\\x95\tVMware Identity Manager \n\\x95\tVMware vRealize Operations Cloud Proxy\n\\x95\tVMware vRealize Lifecycle Manager\n\\x95\tVMware Site Recovery Manager, vSphere Replication\n\\x95\tVMware Carbon Black Cloud Workload Appliance\n\\x95\tVMware Carbon Black EDR Server\n\\x95\tVMware Tanzu GemFire\n\\x95\tVMware Tanzu Greenplum\n\\x95\tVMware Tanzu Operations Manager\n\\x95\tVMware Tanzu Application Service for VMs\n\\x95\tVMware Tanzu Kubernetes Grid Integrated Edition\n\\x95\tVMware Tanzu Observability by Wavefront Nozzle\n\\x95\tHealthwatch for Tanzu Application Service\n\\x95\tSpring Cloud Services for VMware Tanzu\n\\x95\tAPI Portal for VMware Tanzu\n\\x95\tSingle Sign-On for VMware Tanzu Application Service\n\\x95\tApp Metrics\n\\x95\tVMware vCenter Cloud Gateway\n\\x95\tVMware Cloud Foundation\n\\x95\tVMware Workspace ONE Access Connector\n\\x95\tVMware Horizon DaaS\n\\x95\tVMware Horizon Cloud Connector\n\\x95\tVMware NSX Data Center for vSphere\n\\x95\tVMware AppDefense Appliance\n\\x95\tVMware Cloud Director Object Storage Extension\n\nYou are receiving this alert because you are subscribed to the VMware Security Announcements mailing list. To modify your subscription or unsubscribe please visit https://lists.vmware.com/mailman/listinfo/security-announce. \n\nThis update also fixes CVE-2020-9488 in the oldstable distribution\n(buster). Improper validation of certificate with host mismatch in Apache Log4j\nSMTP appender. This could allow an SMTPS connection to be intercepted by a\nman-in-the-middle attack which could leak any log messages sent through that\nappender. \n\nFor the oldstable distribution (buster), this problem has been fixed\nin version 2.15.0-1~deb10u1. \n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 2.15.0-1~deb11u1. \n\nWe recommend that you upgrade your apache-log4j2 packages. \n\nFor the detailed security status of apache-log4j2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/apache-log4j2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmG0+YVfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeQvXA/+LIMVC0X80Qc6No564VodtTN3Ci0NyaUcQyZG8Gyo2tPuwKEpOUpmom7f\nwcZvQgKvwxs3Ad1M5Zt/6Ql3v0KbwzBah0v8KUV86B6g4yb+Wno7iKQR1mN47bpz\n2SJPzf6IECwtmz3zYI3fLuJJ/dvAMRlQ+nhPsC8/zJGJgfFHFmDyfG8TtlrYLUHS\nPjpov4C/VllQGJ5MjyVF93OqTCy4V7WxH/RgT1YBOs71KNCq5yPoch35geytSQoM\nKk59qFLQgST2kYhLVxRRbdQAAhbA7W5XythKqphon6nRmlJPHSGkXMf9s0N3cm6K\nZkmvo2/A29FiceZj/bSM4/qw7gqbsJfpSMcTKmxhReolsXAJVj4mGu9cZZTAP7Tb\ng8fl8kGljFd01ka0208eFyILHCR2bAF2xgS1nG6TCc170azDkvW38fZHHkLQIPbF\nTOwxoNv8dHgyT6pfI+BDYKy9pNvrLk/jqXkOpry6nY+Ji/RcjGBDIR3VP25VsMk8\n6zwERE1LX0IvwiaSFBg6oyWW4siINZzFyVXryLvRr/YBIAYKGv+Y1Wn8ageACItW\n2SZjLbK4uBTOHyvPITBgOZSYD7kYcTPxdbb8ntw7Uo489hYXzjYlloTBoUPg1G3o\ngyZnRfW0yYf2bA63I7vVBDTITt8K4H1UkUDEOIUjXGekFLqDnGw=\n=BY2+\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-44228"
},
{
"db": "VULHUB",
"id": "VHN-407408"
},
{
"db": "VULMON",
"id": "CVE-2021-44228"
},
{
"db": "PACKETSTORM",
"id": "165287"
},
{
"db": "PACKETSTORM",
"id": "165289"
},
{
"db": "PACKETSTORM",
"id": "165291"
},
{
"db": "PACKETSTORM",
"id": "165298"
},
{
"db": "PACKETSTORM",
"id": "165329"
},
{
"db": "PACKETSTORM",
"id": "165333"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "166313"
},
{
"db": "PACKETSTORM",
"id": "165260"
},
{
"db": "PACKETSTORM",
"id": "169172"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-407408",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-407408"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-44228",
"trust": 2.2
},
{
"db": "PACKETSTORM",
"id": "165260",
"trust": 1.2
},
{
"db": "PACKETSTORM",
"id": "165311",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165225",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165532",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165281",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165306",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165673",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165282",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165371",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "167794",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "167917",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165270",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165261",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165642",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "165307",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-479842",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-714170",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-661247",
"trust": 1.1
},
{
"db": "SIEMENS",
"id": "SSA-397453",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/12/13/1",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/12/14/4",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/12/10/3",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/12/13/2",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/12/10/2",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/12/15/3",
"trust": 1.1
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2021/12/10/1",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#930724",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "171626",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "165329",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165333",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165291",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166313",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165298",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165289",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165632",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "165293",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165343",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165324",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165520",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165295",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165285",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165290",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165733",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165279",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165297",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165326",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165348",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165264",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "50592",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "50590",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-407408",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-44228",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "165287",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169172",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-407408"
},
{
"db": "VULMON",
"id": "CVE-2021-44228"
},
{
"db": "PACKETSTORM",
"id": "165287"
},
{
"db": "PACKETSTORM",
"id": "165289"
},
{
"db": "PACKETSTORM",
"id": "165291"
},
{
"db": "PACKETSTORM",
"id": "165298"
},
{
"db": "PACKETSTORM",
"id": "165329"
},
{
"db": "PACKETSTORM",
"id": "165333"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "166313"
},
{
"db": "PACKETSTORM",
"id": "165260"
},
{
"db": "PACKETSTORM",
"id": "169172"
},
{
"db": "NVD",
"id": "CVE-2021-44228"
}
]
},
"id": "VAR-202112-0566",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-407408"
}
],
"trust": 0.7188405714285715
},
"last_update_date": "2024-09-19T22:28:57.769000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Debian CVElist Bug Report Logs: apache-log4j2: CVE-2021-44228: Remote code injection via crafted log messages",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=4eae9b09b97da57f4ca6103cc85ed4da"
},
{
"title": "Debian CVElist Bug Report Logs: apache-log4j2: CVE-2021-45046: Incomplete fix for CVE-2021-44228 in certain non-default configurations",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=b88a8ce4fc53c3a45830bc6bbde8b01c"
},
{
"title": "Debian Security Advisories: DSA-5020-1 apache-log4j2 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=24c79c59809a2c5bcddc81889b23a6bc"
},
{
"title": "Debian Security Advisories: DSA-5022-1 apache-log4j2 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=5ba53229ef5f408ed29126bd4f624def"
},
{
"title": "IBM: Security Bulletin: There is vulnerability in Apache Log4j used by Content Manager OnDemand z/OS. Content Manager OnDemand z/OS has addressed the applicable CVE [CVE-2021-44228]",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=dbdfcf9d51b60adf542d500e515b9ba8"
},
{
"title": "Red Hat: CVE-2021-44228",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2021-44228"
},
{
"title": "IBM: An update on the Apache Log4j 2.x vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=0648a3f00f067d373b069c4f2acd5db4"
},
{
"title": "Amazon Linux AMI: ALAS-2021-1553",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2021-1553"
},
{
"title": "IBM: Security Bulletin: IBM Cloud Pak System is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046, CVE-2021-44228)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=c8b40ff47e1d31bee8b0fbdbdd4fe212"
},
{
"title": "IBM: Security Bulletin: IBM Cloud Pak System is vulnerable to arbitrary code execution due to Apache Log4j (CVE-2021-45046, CVE-2021-44228)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=654a4f5a7bd1fdfd229558535923710b"
},
{
"title": "Amazon Linux 2: ALAS2-2021-1731",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2021-1731"
},
{
"title": "Amazon Linux 2: ALAS2-2021-1730",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2021-1730"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-44228 log"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/canarieids/Zeek-Ubuntu-22.04 "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/f5devcentral/f5-professional-services "
},
{
"title": "Log4J-CVE-2021-44228-Mitigation-Cheat-Sheet",
"trust": 0.1,
"url": "https://github.com/thedevappsecguy/Log4J-CVE-2021-44228-Mitigation-Cheat-Sheet "
},
{
"title": "spring-on-k8s",
"trust": 0.1,
"url": "https://github.com/AndriyKalashnykov/spring-on-k8s "
},
{
"title": "jaygooby",
"trust": 0.1,
"url": "https://github.com/jaygooby/jaygooby "
},
{
"title": "log4j-log4shell-playground",
"trust": 0.1,
"url": "https://github.com/rgl/log4j-log4shell-playground "
},
{
"title": "Log4j",
"trust": 0.1,
"url": "https://github.com/kaganoglu/Log4j "
},
{
"title": "trivy-cve-scan",
"trust": 0.1,
"url": "https://github.com/broadinstitute/trivy-cve-scan "
},
{
"title": "test-44228",
"trust": 0.1,
"url": "https://github.com/datadavev/test-44228 "
},
{
"title": "cve-2021-44228-helpers",
"trust": 0.1,
"url": "https://github.com/uint0/cve-2021-44228-helpers "
},
{
"title": "log4j-vendor-list",
"trust": 0.1,
"url": "https://github.com/bizzarecontacts/log4j-vendor-list "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2021-44228 "
},
{
"title": "log4shell",
"trust": 0.1,
"url": "https://github.com/0xsyr0/log4shell "
},
{
"title": "cve-2021-44228-qingteng-online-patch",
"trust": 0.1,
"url": "https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch "
},
{
"title": "cve-2021-44228",
"trust": 0.1,
"url": "https://github.com/corelight/cve-2021-44228 "
},
{
"title": "Log4Shell-IOCs",
"trust": 0.1,
"url": "https://github.com/curated-intel/Log4Shell-IOCs "
},
{
"title": "Sitecore.Solr-log4j-mitigation",
"trust": 0.1,
"url": "https://github.com/avwolferen/Sitecore.Solr-log4j-mitigation "
},
{
"title": "check-log4j",
"trust": 0.1,
"url": "https://github.com/yahoo/check-log4j "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-44228"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.1
},
{
"problemtype": "CWE-400",
"trust": 1.1
},
{
"problemtype": "CWE-502",
"trust": 1.1
},
{
"problemtype": "CWE-917",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-407408"
},
{
"db": "NVD",
"id": "CVE-2021-44228"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/930724"
},
{
"trust": 1.1,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apache-log4j-qruknebd"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
},
{
"trust": 1.1,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
},
{
"trust": 1.1,
"url": "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2021-0032"
},
{
"trust": 1.1,
"url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
},
{
"trust": 1.1,
"url": "https://support.apple.com/kb/ht213189"
},
{
"trust": 1.1,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"trust": 1.1,
"url": "https://www.debian.org/security/2021/dsa-5020"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2022/mar/23"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2022/jul/11"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2022/dec/2"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/167794/open-xchange-app-suite-7.10.x-cross-site-scripting-command-injection.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/167917/mobileiron-log4shell-remote-command-execution.html"
},
{
"trust": 1.1,
"url": "https://github.com/nu11secur1ty/cve-mitre/tree/main/cve-2021-44228"
},
{
"trust": 1.1,
"url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165225/apache-log4j2-2.14.1-remote-code-execution.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165260/vmware-security-advisory-2021-0028.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165261/apache-log4j2-2.14.1-information-disclosure.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165270/apache-log4j2-2.14.1-remote-code-execution.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165281/log4j2-log4shell-regexes.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165282/log4j-payload-generator.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165306/l4sh-log4j-remote-code-execution.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165307/log4j-remote-code-execution-word-bypassing.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165311/log4j-scan-extensive-scanner.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165371/vmware-security-advisory-2021-0028.4.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165532/log4shell-http-header-injection.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165642/vmware-vcenter-server-unauthenticated-log4shell-jndi-injection-remote-code-execution.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/165673/unifi-network-application-unauthenticated-log4shell-remote-code-execution.html"
},
{
"trust": 1.1,
"url": "https://github.com/cisagov/log4j-affected-db"
},
{
"trust": 1.1,
"url": "https://github.com/cisagov/log4j-affected-db/blob/develop/software-list.md"
},
{
"trust": 1.1,
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"trust": 1.1,
"url": "https://twitter.com/kurtseifried/status/1469345530182455296"
},
{
"trust": 1.1,
"url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"trust": 1.1,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 1.1,
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"trust": 1.1,
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
},
{
"trust": 1.1,
"url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/171626/ad-manager-plus-7122-remote-code-execution.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/m5csvunv4hwzzxgoknsk6l7rpm7bokib/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/vu57ujdcfiasio35gc55jmksrxjmcdfm/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44228"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-009"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2021-44228"
},
{
"trust": 0.7,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.3,
"url": "https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-45046"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45046"
},
{
"trust": 0.2,
"url": "https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/m5csvunv4hwzzxgoknsk6l7rpm7bokib/"
},
{
"trust": 0.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/vu57ujdcfiasio35gc55jmksrxjmcdfm/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-16135"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3200"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35522"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5827"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35524"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25009"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-27645"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33574"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-13435"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5827"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24370"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43527"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14145"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13751"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25014"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-19603"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14145"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25012"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35521"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-35942"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17594"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35524"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-24370"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3572"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-36086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35522"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13750"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13751"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22898"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12762"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-16135"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-36084"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-37136"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17594"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-17541"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3800"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-36087"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36331"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3712"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-31535"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19603"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22925"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36330"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18218"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20232"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20266"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-20838"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22876"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20231"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36332"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25010"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-17541"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25014"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-36085"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-37137"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20317"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21409"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33560"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-43267"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17595"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3481"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-42574"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25009"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-25010"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35523"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-28153"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36331"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-13750"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3426"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18218"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3580"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17595"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36330"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:5127"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35521"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:5126"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_integration/2021.q4"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions\u0026product=red.hat.integration\u0026version"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:5108"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:5140"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=appplatform\u0026version=7.4"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/solutions/6577421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4104"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-4104"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:5148"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:5106"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/deploying_into_spring_boot/patch-red-hat-fuse-applications"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-44832"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/installing_on_apache_karaf/apply-hotfix-patch"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.09.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.10/html/installing_on_apache_karaf/apply-hotfix-patch"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.10.0"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/installing_on_apache_karaf/apply-hotfix-patch"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.9/html/deploying_into_spring_boot/patch-red-hat-fuse-applications"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-45105"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:0203"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches\u0026product=jboss.fuse\u0026version=7.08.0"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.8/html/deploying_into_spring_boot/patch-red-hat-fuse-applications"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-44832"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22602"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22608"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14379"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht213189."
},
{
"trust": 0.1,
"url": "https://developer.apple.com/xcode/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22606"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht201222."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22601"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22605"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22603"
},
{
"trust": 0.1,
"url": "https://www.vmware.com/security/advisories/vmsa-2021-0028.html"
},
{
"trust": 0.1,
"url": "http://lists.vmware.com/mailman/listinfo/security-announce"
},
{
"trust": 0.1,
"url": "https://lists.vmware.com/mailman/listinfo/security-announce."
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9488"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/apache-log4j2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-407408"
},
{
"db": "PACKETSTORM",
"id": "165287"
},
{
"db": "PACKETSTORM",
"id": "165289"
},
{
"db": "PACKETSTORM",
"id": "165291"
},
{
"db": "PACKETSTORM",
"id": "165298"
},
{
"db": "PACKETSTORM",
"id": "165329"
},
{
"db": "PACKETSTORM",
"id": "165333"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "166313"
},
{
"db": "PACKETSTORM",
"id": "165260"
},
{
"db": "PACKETSTORM",
"id": "169172"
},
{
"db": "NVD",
"id": "CVE-2021-44228"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-407408"
},
{
"db": "VULMON",
"id": "CVE-2021-44228"
},
{
"db": "PACKETSTORM",
"id": "165287"
},
{
"db": "PACKETSTORM",
"id": "165289"
},
{
"db": "PACKETSTORM",
"id": "165291"
},
{
"db": "PACKETSTORM",
"id": "165298"
},
{
"db": "PACKETSTORM",
"id": "165329"
},
{
"db": "PACKETSTORM",
"id": "165333"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "166313"
},
{
"db": "PACKETSTORM",
"id": "165260"
},
{
"db": "PACKETSTORM",
"id": "169172"
},
{
"db": "NVD",
"id": "CVE-2021-44228"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-10T00:00:00",
"db": "VULHUB",
"id": "VHN-407408"
},
{
"date": "2021-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2021-44228"
},
{
"date": "2021-12-15T15:20:43",
"db": "PACKETSTORM",
"id": "165287"
},
{
"date": "2021-12-15T15:23:16",
"db": "PACKETSTORM",
"id": "165289"
},
{
"date": "2021-12-15T15:23:37",
"db": "PACKETSTORM",
"id": "165291"
},
{
"date": "2021-12-15T15:28:00",
"db": "PACKETSTORM",
"id": "165298"
},
{
"date": "2021-12-16T15:25:46",
"db": "PACKETSTORM",
"id": "165329"
},
{
"date": "2021-12-16T15:34:27",
"db": "PACKETSTORM",
"id": "165333"
},
{
"date": "2022-01-20T17:49:05",
"db": "PACKETSTORM",
"id": "165632"
},
{
"date": "2022-03-15T15:45:58",
"db": "PACKETSTORM",
"id": "166313"
},
{
"date": "2021-12-14T15:27:58",
"db": "PACKETSTORM",
"id": "165260"
},
{
"date": "2021-12-28T20:12:00",
"db": "PACKETSTORM",
"id": "169172"
},
{
"date": "2021-12-10T10:15:09.143000",
"db": "NVD",
"id": "CVE-2021-44228"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-06T00:00:00",
"db": "VULHUB",
"id": "VHN-407408"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2021-44228"
},
{
"date": "2024-07-24T17:08:24.167000",
"db": "NVD",
"id": "CVE-2021-44228"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "165289"
},
{
"db": "PACKETSTORM",
"id": "165260"
}
],
"trust": 0.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat Security Advisory 2021-5127-05",
"sources": [
{
"db": "PACKETSTORM",
"id": "165287"
}
],
"trust": 0.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code execution",
"sources": [
{
"db": "PACKETSTORM",
"id": "165287"
},
{
"db": "PACKETSTORM",
"id": "165289"
},
{
"db": "PACKETSTORM",
"id": "165291"
},
{
"db": "PACKETSTORM",
"id": "165298"
},
{
"db": "PACKETSTORM",
"id": "165329"
},
{
"db": "PACKETSTORM",
"id": "165333"
},
{
"db": "PACKETSTORM",
"id": "165632"
},
{
"db": "PACKETSTORM",
"id": "166313"
},
{
"db": "PACKETSTORM",
"id": "165260"
}
],
"trust": 0.9
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.